GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has approximately 11 whitespace characters
KSBA is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS.
KSBA is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS.
The GNU tar program saves many files together in one archive and can restore individual files from that archive. Tar can also be used to add supplemental files to an archive and to update or list files in the archive. Tar includes multivolume support, automatic archive compression/decompression, the ability to perform remote archives, and the ability to perform incremental and full backups. If yo ...
The Public Key Infrastructure Core contains fundamental packages required by Rocky Enterprise Software Foundation Certificate System. Security Fix: * pki-core: access to external entities when parsing XML can lead to XXE For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References sec ...
The Public Key Infrastructure Core contains fundamental packages required by Rocky Enterprise Software Foundation Certificate System. Security Fix: * pki-core: access to external entities when parsing XML can lead to XXE For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References sec ...
Access to external entities when parsing XML documents can lead to XML external entity attacks. This flaw allows a remote attacker to potentially retrieve the content of arbitrary files by sending specially crafted HTTP requests
Security Fix: pki-core: access to external entities when parsing XML can lead to XXE For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.