CVE-2026-9538
- Source
- https://cve.org/CVERecord?id=CVE-2026-9538
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-9538.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2026-9538
- Downstream
- Published
- 2026-05-26T00:18:43.704Z
- Modified
- 2026-06-18T03:56:46.707243077Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVSS Calculator
- Summary
- Archive::Tar versions before 3.10 for Perl allow memory exhaustion via attacker controlled entry size field in tar header
- Details
-
Archive::Tar versions before 3.10 for Perl allow memory exhaustion via attacker controlled entry size field in tar header.
readtar() reads each entry's payload with $handle->read($$data, $block), where $block is derived from the entry's 12-byte size field in the tar header with no upper bound on that value.
A crafted header declaring a multi-gigabyte size causes Perl to allocate a scalar of that size.
- Database specific
{ "cna_assigner": "CPANSec", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/9xxx/CVE-2026-9538.json", "cwe_ids": [ "CWE-789" ] }- References
-
- http://www.openwall.com/lists/oss-security/2026/05/26/4
- https://cpan.org/modules
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/9xxx/CVE-2026-9538.json
- https://metacpan.org/release/BINGOS/Archive-Tar-3.10/changes
- https://nvd.nist.gov/vuln/detail/CVE-2026-9538
- https://github.com/jib/archive-tar-new/commit/f9af01426038e29d9578825a0cd3626946ab08c7.patch
- https://github.com/jib/archive-tar-new
Affected packages
Git / github.com/jib/archive-tar-new
Affected ranges
- Type
- GIT
- Repo
- https://github.com/jib/archive-tar-new
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixedFixed
- Database specific
{ "source": [ "CPE_RANGE", "REFERENCES" ], "extracted_events": [ { "introduced": "0" }, { "fixed": "3.10" } ], "cpe": "cpe:2.3:a:archive\\:\\:tar_project:archive\\:\\:tar:*:*:*:*:*:perl:*:*" }