Количество 8
Количество 8
GHSA-9gcr-gp5f-jw27
tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A maliciously-crafted archive containing a large number of sparse regions can cause a Reader to read an unbounded amount of data from the archive into memory. When reading from a compressed source, a small compressed input can result in large allocations.
CVE-2025-58183
[archive/tar: unbounded allocation when parsing GNU sparse map]
CVE-2025-58183
tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A maliciously-crafted archive containing a large number of sparse regions can cause a Reader to read an unbounded amount of data from the archive into memory. When reading from a compressed source, a small compressed input can result in large allocations.
CVE-2025-58183
Unbounded allocation when parsing GNU sparse map in archive/tar
CVE-2025-58183
tar.Reader does not set a maximum size on the number of sparse region ...
SUSE-SU-2025:3682-1
Security update for go1.24
SUSE-SU-2025:03547-1
Security update for go1.25
ROS-20251029-07
Множественные уязвимости golang
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-9gcr-gp5f-jw27 tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A maliciously-crafted archive containing a large number of sparse regions can cause a Reader to read an unbounded amount of data from the archive into memory. When reading from a compressed source, a small compressed input can result in large allocations. | CVSS3: 3.3 | 0% Низкий | 7 дней назад |
 | CVE-2025-58183 [archive/tar: unbounded allocation when parsing GNU sparse map] | CVSS3: 4.3 | 0% Низкий | 27 дней назад |
 | CVE-2025-58183 tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A maliciously-crafted archive containing a large number of sparse regions can cause a Reader to read an unbounded amount of data from the archive into memory. When reading from a compressed source, a small compressed input can result in large allocations. | CVSS3: 4.3 | 0% Низкий | 7 дней назад |
 | CVE-2025-58183 Unbounded allocation when parsing GNU sparse map in archive/tar | 0% Низкий | 6 дней назад | |
| CVE-2025-58183 tar.Reader does not set a maximum size on the number of sparse region ... | CVSS3: 4.3 | 0% Низкий | 7 дней назад |
 | SUSE-SU-2025:3682-1 Security update for go1.24 | 16 дней назад | ||
| SUSE-SU-2025:03547-1 Security update for go1.25 | 26 дней назад | ||
 | ROS-20251029-07 Множественные уязвимости golang | CVSS3: 8.2 | 8 дней назад |
Уязвимостей на страницу