URL has been copied successfully!
TARmageddon flaw in Async-Tar Rust library allows to smuggle extra archives when the library is processing nested TAR files
URL has been copied successfully!

Collecting Cyber-News from over 60 sources

TARmageddon flaw in Async-Tar Rust library allows to smuggle extra archives when the library is processing nested TAR files


Tags: , , , , ,

CVE-2025-62518 TARmageddon flaw in Rust async-tar and forks like tokio-tar may allow remote code execution, says Edera. Edera team disclosed a vulnerability tracked as CVE-2025-62518 (CVSS score: 8.1), dubbed TARmageddon, in the Rust async-tar library and forks like tokio-tar. A remote attacker can exploit the flaw to achieve code execution. >>astral-tokio-tar is a tar archive […]

First seen on securityaffairs.com

Jump to article: securityaffairs.com/183682/hacking/tarmageddon-flaw-in-async-tar-rust-library.html

Loading

Share via Email
Share on Facebook
Tweet on X (Twitter)
Share on Whatsapp
Share on LinkedIn
Share on Xing
Copy link

also interesting:

  1. Microsoft’s November 2024 Patch Tuesday Addresses 87 CVEs (CVE-2024-43451, CVE-2024-49039)
  2. Microsoft patches privilege escalation flaw exploited since 2023
  3. Critical AnythingLLM Vulnerability Exposes Systems to Remote Code Execution
  4. PoC Exploit Published for Actively Exploited Cisco Identity Services Engine Flaw