Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2021-33643

An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longlink, causing an out-of-bounds read.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 37.6%
CVSS Severity
CVSS v3 Score 9.1
References
Products affected by CVE-2021-33643
  • Feep » Libtar » Version: N/A
    cpe:2.3:a:feep:libtar:-
  • Feep » Libtar » Version: 1.2.11
    cpe:2.3:a:feep:libtar:1.2.11
  • Feep » Libtar » Version: 1.2.13
    cpe:2.3:a:feep:libtar:1.2.13
  • Feep » Libtar » Version: 1.2.14
    cpe:2.3:a:feep:libtar:1.2.14
  • Feep » Libtar » Version: 1.2.15
    cpe:2.3:a:feep:libtar:1.2.15
  • Feep » Libtar » Version: 1.2.16
    cpe:2.3:a:feep:libtar:1.2.16
  • Feep » Libtar » Version: 1.2.17
    cpe:2.3:a:feep:libtar:1.2.17
  • Feep » Libtar » Version: 1.2.18
    cpe:2.3:a:feep:libtar:1.2.18
  • Feep » Libtar » Version: 1.2.19
    cpe:2.3:a:feep:libtar:1.2.19
  • Feep » Libtar » Version: 1.2.20
    cpe:2.3:a:feep:libtar:1.2.20
  • Fedoraproject » Fedora » Version: 35
    cpe:2.3:o:fedoraproject:fedora:35
  • Fedoraproject » Fedora » Version: 36
    cpe:2.3:o:fedoraproject:fedora:36
  • Fedoraproject » Fedora » Version: 37
    cpe:2.3:o:fedoraproject:fedora:37
  • Openatom » Openeuler » Version: 20.03
    cpe:2.3:o:openatom:openeuler:20.03
  • Openatom » Openeuler » Version: 22.03
    cpe:2.3:o:openatom:openeuler:22.03


Products
Pricing
Contact Us

Shodan ® - All rights reserved