The Lab · 2026-04-10 10:39:41 · GitHub Issues
A medium-severity vulnerability in Kyverno's tar.Reader component could allow an attacker to trigger unbounded memory allocation and potential denial-of-service. The flaw, tracked as CVE-2026-32288, is triggered when the reader processes a maliciously crafted archive containing an excessive number of sparse regions enc...
The Lab · 2026-04-29 05:54:09 · GitHub Issues
A security audit dated April 29, 2026, has identified five vulnerabilities in the astral-tokio-tar library, a widely used Rust crate for handling tar archives with asynchronous I/O. The disclosure, catalogued under the RUSTSEC identifiers, reveals flaws ranging from arbitrary directory permission manipulation through s...
The Lab · 2026-04-30 05:54:10 · GitHub Issues
A set of security advisories has been published against the astral-tokio-tar Rust library, flagging multiple vulnerabilities in version 0.6.0 that could allow attackers to manipulate directory permissions outside the intended archive extraction boundary. The most prominently documented flaw, tracked as RUSTSEC-2026-011...
The Lab · 2026-05-04 05:54:06 · GitHub Issues
Two security advisories have been issued against the astral-tokio-tar Rust library, exposing vulnerabilities in version 0.6.0 that could allow attackers to manipulate directory permissions outside intended archive boundaries. The first flaw, catalogued as RUSTSEC-2026-0113, stems from the `unpack_in` API's failure to p...
The Lab · 2026-05-08 05:59:07 · GitHub Issues
A security audit has uncovered five vulnerabilities in astral-tokio-tar, a widely-used Rust library for handling tar archives. The most severe flaw—tracked as RUSTSEC-2026-0113—allows the unpack_in API to modify permissions on directories outside the intended archive hierarchy by following malicious symlinks. The vulne...
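The symlink problem described across these entries is easy to reproduce with plain `std`. The block below is an added example, not code from astral-tokio-tar or from the advisories: `Entry` is a constructed stand-in for a tar entry, the two extractors are hypothetical, and the `outside` directory created under the system temp directory stands in for a real location such as `/etc`. It requires a Unix host. The naive extractor joins the entry name onto the destination and calls `fs::set_permissions` (chmod, which follows symlinks), so a symlink entry followed by a same-named directory entry rewrites the mode of a directory outside the extraction root; the hardened extractor walks the path component by component and refuses any component that already exists on disk as a symlink.

```rust
use std::fs;
use std::io;
use std::os::unix::fs::{symlink, PermissionsExt};
use std::path::{Component, Path, PathBuf};

/// Constructed stand-in for a tar entry (not the crate's entry type).
pub enum Entry {
    Dir { path: &'static str, mode: u32 },
    Symlink { path: &'static str, target: PathBuf },
}

/// Naive extraction: lexical join, then apply the recorded mode.
/// `fs::set_permissions` uses chmod(2), which follows symlinks, so if
/// `dst/<path>` is a symlink created by an earlier entry, the mode lands
/// on the link target instead of on a directory inside `dst`.
pub fn extract_naive(dst: &Path, entries: &[Entry]) -> io::Result<()> {
    for e in entries {
        match e {
            Entry::Symlink { path, target } => symlink(target, dst.join(*path))?,
            Entry::Dir { path, mode } => {
                let p = dst.join(*path);
                if !p.exists() {
                    fs::create_dir_all(&p)?;
                }
                fs::set_permissions(&p, fs::Permissions::from_mode(*mode))?;
            }
        }
    }
    Ok(())
}

/// Resolve `rel` under `root` one component at a time, rejecting `..`,
/// absolute paths and any component that already exists as a symlink.
/// A lexical containment check alone is not enough: an extracted
/// `sub -> /outside` link makes the later entry `sub/` leave `root`.
pub fn safe_join(root: &Path, rel: &Path) -> io::Result<PathBuf> {
    let mut out = root.to_path_buf();
    for comp in rel.components() {
        match comp {
            Component::Normal(name) => {
                out.push(name);
                // symlink_metadata does not follow the final component.
                if let Ok(meta) = fs::symlink_metadata(&out) {
                    if meta.file_type().is_symlink() {
                        return Err(io::Error::new(
                            io::ErrorKind::PermissionDenied,
                            format!("refusing to traverse symlink {}", out.display()),
                        ));
                    }
                }
            }
            Component::CurDir => {}
            _ => return Err(io::Error::new(io::ErrorKind::InvalidInput, "path escapes root")),
        }
    }
    Ok(out)
}

/// Hardened extraction: every on-disk path goes through `safe_join`.
/// Creating a symlink entry is still allowed; traversing one is not.
pub fn extract_hardened(dst: &Path, entries: &[Entry]) -> io::Result<()> {
    for e in entries {
        match e {
            Entry::Symlink { path, target } => symlink(target, safe_join(dst, Path::new(*path))?)?,
            Entry::Dir { path, mode } => {
                let p = safe_join(dst, Path::new(*path))?;
                if !p.exists() {
                    fs::create_dir_all(&p)?;
                }
                fs::set_permissions(&p, fs::Permissions::from_mode(*mode))?;
            }
        }
    }
    Ok(())
}

/// Runs both extractors against a constructed malicious archive and returns
/// (outside mode after naive, hardened rejected?, outside mode after hardened).
pub fn demo() -> io::Result<(u32, bool, u32)> {
    let base = std::env::temp_dir().join(format!("tar-perm-demo-{}", std::process::id()));
    let _ = fs::remove_dir_all(&base);
    let outside = base.join("outside"); // stands in for a directory such as /etc
    let dst_naive = base.join("dst_naive");
    let dst_hard = base.join("dst_hard");
    for d in [&outside, &dst_naive, &dst_hard] {
        fs::create_dir_all(d)?;
    }
    fs::set_permissions(&outside, fs::Permissions::from_mode(0o700))?;

    // Constructed archive: symlink entry, then a directory entry of the same
    // name carrying a world-writable mode.
    let evil = vec![
        Entry::Symlink { path: "sub", target: outside.clone() },
        Entry::Dir { path: "sub", mode: 0o777 },
    ];

    extract_naive(&dst_naive, &evil)?;
    let after_naive = fs::metadata(&outside)?.permissions().mode() & 0o777;

    fs::set_permissions(&outside, fs::Permissions::from_mode(0o700))?;
    let rejected = extract_hardened(&dst_hard, &evil).is_err();
    let after_hard = fs::metadata(&outside)?.permissions().mode() & 0o777;

    fs::remove_dir_all(&base)?;
    Ok((after_naive, rejected, after_hard))
}

fn main() -> io::Result<()> {
    let (naive, rejected, hard) = demo()?;
    println!("naive: outside mode {:o}; hardened: rejected={} outside mode {:o}", naive, rejected, hard);
    Ok(())
}
```

The check in `safe_join` is deliberately stateful: it inspects what is on disk at the moment the entry is processed rather than only the entry's name, which is what catches a link planted by an earlier entry in the same archive. A production extractor would additionally want to handle hard links and to apply directory modes only after all children are written.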