VDB

GCVE-110-MAGEIA-2026-230

GCVE-110-MAGEIA-2026-230
Advisory Published
Vulnetix · Advisory published June 24, 2026
The updated package fixes security vulnerabilities: Archive::Tar versions before 3.08 for Perl extract symlinks with attacker controlled targets outside the extraction directory. (CVE-2026-42496) Archive::Tar versions before 3.08 for Perl extract hardlinks to attacker controlled paths outside the extraction directory. (CVE-2026-42497) Archive::Tar versions before 3.10 for Perl allow memory exhaustion via attacker controlled entry size field in tar header. (CVE-2026-9538)

Affected Products

VendorProductVersionsPlatforms
Mageiaperl-Archive-Tar0 (affected), 2.380.0-2.1.mga9 (unaffected)

Browse GCVE Records

73,834 records in the GCVE database · Updated July 19, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›