Vulnerability-Lookup

OPENSUSE-SU-2026:10743-1

Vulnerability from csaf_opensuse - Published: 2026-05-10 00:00 - Updated: 2026-05-10 00:00

Summary

tar-1.35-7.1 on GA media

Severity

Moderate

Notes

Title of the patch: tar-1.35-7.1 on GA media

Description of the patch: These are all security issues fixed in the tar-1.35-7.1 package on the GA media of openSUSE Tumbleweed.

Patchnames: openSUSE-Tumbleweed-2026-10743

CVE-2025-45582

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:tar-1.35-7.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:tar-1.35-7.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:tar-1.35-7.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:tar-1.35-7.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:tar-backup-scripts-1.35-7.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:tar-backup-scripts-1.35-7.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:tar-backup-scripts-1.35-7.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:tar-backup-scripts-1.35-7.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:tar-doc-1.35-7.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:tar-doc-1.35-7.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:tar-doc-1.35-7.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:tar-doc-1.35-7.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:tar-lang-1.35-7.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:tar-lang-1.35-7.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:tar-lang-1.35-7.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:tar-lang-1.35-7.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:tar-rmt-1.35-7.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:tar-rmt-1.35-7.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:tar-rmt-1.35-7.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:tar-rmt-1.35-7.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:tar-tests-1.35-7.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:tar-tests-1.35-7.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:tar-tests-1.35-7.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:tar-tests-1.35-7.1.x86_64	—	Vendor Fix

Threats

Impact important

References

5 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/o…	self
https://www.suse.com/security/cve/CVE-2025-45582/	self
https://www.suse.com/security/cve/CVE-2025-45582	external
https://bugzilla.suse.com/1246399	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "tar-1.35-7.1 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the tar-1.35-7.1 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2026-10743",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2026_10743-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-45582 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-45582/"
      }
    ],
    "title": "tar-1.35-7.1 on GA media",
    "tracking": {
      "current_release_date": "2026-05-10T00:00:00Z",
      "generator": {
        "date": "2026-05-10T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2026:10743-1",
      "initial_release_date": "2026-05-10T00:00:00Z",
      "revision_history": [
        {
          "date": "2026-05-10T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tar-1.35-7.1.aarch64",
                "product": {
                  "name": "tar-1.35-7.1.aarch64",
                  "product_id": "tar-1.35-7.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "tar-backup-scripts-1.35-7.1.aarch64",
                "product": {
                  "name": "tar-backup-scripts-1.35-7.1.aarch64",
                  "product_id": "tar-backup-scripts-1.35-7.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "tar-doc-1.35-7.1.aarch64",
                "product": {
                  "name": "tar-doc-1.35-7.1.aarch64",
                  "product_id": "tar-doc-1.35-7.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "tar-lang-1.35-7.1.aarch64",
                "product": {
                  "name": "tar-lang-1.35-7.1.aarch64",
                  "product_id": "tar-lang-1.35-7.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "tar-rmt-1.35-7.1.aarch64",
                "product": {
                  "name": "tar-rmt-1.35-7.1.aarch64",
                  "product_id": "tar-rmt-1.35-7.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "tar-tests-1.35-7.1.aarch64",
                "product": {
                  "name": "tar-tests-1.35-7.1.aarch64",
                  "product_id": "tar-tests-1.35-7.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tar-1.35-7.1.ppc64le",
                "product": {
                  "name": "tar-1.35-7.1.ppc64le",
                  "product_id": "tar-1.35-7.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "tar-backup-scripts-1.35-7.1.ppc64le",
                "product": {
                  "name": "tar-backup-scripts-1.35-7.1.ppc64le",
                  "product_id": "tar-backup-scripts-1.35-7.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "tar-doc-1.35-7.1.ppc64le",
                "product": {
                  "name": "tar-doc-1.35-7.1.ppc64le",
                  "product_id": "tar-doc-1.35-7.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "tar-lang-1.35-7.1.ppc64le",
                "product": {
                  "name": "tar-lang-1.35-7.1.ppc64le",
                  "product_id": "tar-lang-1.35-7.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "tar-rmt-1.35-7.1.ppc64le",
                "product": {
                  "name": "tar-rmt-1.35-7.1.ppc64le",
                  "product_id": "tar-rmt-1.35-7.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "tar-tests-1.35-7.1.ppc64le",
                "product": {
                  "name": "tar-tests-1.35-7.1.ppc64le",
                  "product_id": "tar-tests-1.35-7.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tar-1.35-7.1.s390x",
                "product": {
                  "name": "tar-1.35-7.1.s390x",
                  "product_id": "tar-1.35-7.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "tar-backup-scripts-1.35-7.1.s390x",
                "product": {
                  "name": "tar-backup-scripts-1.35-7.1.s390x",
                  "product_id": "tar-backup-scripts-1.35-7.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "tar-doc-1.35-7.1.s390x",
                "product": {
                  "name": "tar-doc-1.35-7.1.s390x",
                  "product_id": "tar-doc-1.35-7.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "tar-lang-1.35-7.1.s390x",
                "product": {
                  "name": "tar-lang-1.35-7.1.s390x",
                  "product_id": "tar-lang-1.35-7.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "tar-rmt-1.35-7.1.s390x",
                "product": {
                  "name": "tar-rmt-1.35-7.1.s390x",
                  "product_id": "tar-rmt-1.35-7.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "tar-tests-1.35-7.1.s390x",
                "product": {
                  "name": "tar-tests-1.35-7.1.s390x",
                  "product_id": "tar-tests-1.35-7.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tar-1.35-7.1.x86_64",
                "product": {
                  "name": "tar-1.35-7.1.x86_64",
                  "product_id": "tar-1.35-7.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "tar-backup-scripts-1.35-7.1.x86_64",
                "product": {
                  "name": "tar-backup-scripts-1.35-7.1.x86_64",
                  "product_id": "tar-backup-scripts-1.35-7.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "tar-doc-1.35-7.1.x86_64",
                "product": {
                  "name": "tar-doc-1.35-7.1.x86_64",
                  "product_id": "tar-doc-1.35-7.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "tar-lang-1.35-7.1.x86_64",
                "product": {
                  "name": "tar-lang-1.35-7.1.x86_64",
                  "product_id": "tar-lang-1.35-7.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "tar-rmt-1.35-7.1.x86_64",
                "product": {
                  "name": "tar-rmt-1.35-7.1.x86_64",
                  "product_id": "tar-rmt-1.35-7.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "tar-tests-1.35-7.1.x86_64",
                "product": {
                  "name": "tar-tests-1.35-7.1.x86_64",
                  "product_id": "tar-tests-1.35-7.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tar-1.35-7.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tar-1.35-7.1.aarch64"
        },
        "product_reference": "tar-1.35-7.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tar-1.35-7.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tar-1.35-7.1.ppc64le"
        },
        "product_reference": "tar-1.35-7.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tar-1.35-7.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tar-1.35-7.1.s390x"
        },
        "product_reference": "tar-1.35-7.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tar-1.35-7.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tar-1.35-7.1.x86_64"
        },
        "product_reference": "tar-1.35-7.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tar-backup-scripts-1.35-7.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tar-backup-scripts-1.35-7.1.aarch64"
        },
        "product_reference": "tar-backup-scripts-1.35-7.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tar-backup-scripts-1.35-7.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tar-backup-scripts-1.35-7.1.ppc64le"
        },
        "product_reference": "tar-backup-scripts-1.35-7.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tar-backup-scripts-1.35-7.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tar-backup-scripts-1.35-7.1.s390x"
        },
        "product_reference": "tar-backup-scripts-1.35-7.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tar-backup-scripts-1.35-7.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tar-backup-scripts-1.35-7.1.x86_64"
        },
        "product_reference": "tar-backup-scripts-1.35-7.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tar-doc-1.35-7.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tar-doc-1.35-7.1.aarch64"
        },
        "product_reference": "tar-doc-1.35-7.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tar-doc-1.35-7.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tar-doc-1.35-7.1.ppc64le"
        },
        "product_reference": "tar-doc-1.35-7.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tar-doc-1.35-7.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tar-doc-1.35-7.1.s390x"
        },
        "product_reference": "tar-doc-1.35-7.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tar-doc-1.35-7.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tar-doc-1.35-7.1.x86_64"
        },
        "product_reference": "tar-doc-1.35-7.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tar-lang-1.35-7.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tar-lang-1.35-7.1.aarch64"
        },
        "product_reference": "tar-lang-1.35-7.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tar-lang-1.35-7.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tar-lang-1.35-7.1.ppc64le"
        },
        "product_reference": "tar-lang-1.35-7.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tar-lang-1.35-7.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tar-lang-1.35-7.1.s390x"
        },
        "product_reference": "tar-lang-1.35-7.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tar-lang-1.35-7.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tar-lang-1.35-7.1.x86_64"
        },
        "product_reference": "tar-lang-1.35-7.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tar-rmt-1.35-7.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tar-rmt-1.35-7.1.aarch64"
        },
        "product_reference": "tar-rmt-1.35-7.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tar-rmt-1.35-7.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tar-rmt-1.35-7.1.ppc64le"
        },
        "product_reference": "tar-rmt-1.35-7.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tar-rmt-1.35-7.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tar-rmt-1.35-7.1.s390x"
        },
        "product_reference": "tar-rmt-1.35-7.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tar-rmt-1.35-7.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tar-rmt-1.35-7.1.x86_64"
        },
        "product_reference": "tar-rmt-1.35-7.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tar-tests-1.35-7.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tar-tests-1.35-7.1.aarch64"
        },
        "product_reference": "tar-tests-1.35-7.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tar-tests-1.35-7.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tar-tests-1.35-7.1.ppc64le"
        },
        "product_reference": "tar-tests-1.35-7.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tar-tests-1.35-7.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tar-tests-1.35-7.1.s390x"
        },
        "product_reference": "tar-tests-1.35-7.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tar-tests-1.35-7.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tar-tests-1.35-7.1.x86_64"
        },
        "product_reference": "tar-tests-1.35-7.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-45582",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-45582"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "GNU Tar through 1.35 allows file overwrite via directory traversal in crafted TAR archives, with a certain two-step process. First, the victim must extract an archive that contains a ../ symlink to a critical directory. Second, the victim must extract an archive that contains a critical file, specified via a relative pathname that begins with the symlink name and ends with that critical file\u0027s name. Here, the extraction follows the symlink and overwrites the critical file. This bypasses the protection mechanism of \"Member name contains \u0027..\u0027\" that would occur for a single TAR archive that attempted to specify the critical file via a ../ approach. For example, the first archive can contain \"x -\u003e ../../../../../home/victim/.ssh\" and the second archive can contain x/authorized_keys. This can affect server applications that automatically extract any number of user-supplied TAR archives, and were relying on the blocking of traversal. This can also affect software installation processes in which \"tar xf\" is run more than once (e.g., when installing a package can automatically install two dependencies that are set up as untrusted tarballs instead of official packages). NOTE: the official GNU Tar manual has an otherwise-empty directory for each \"tar xf\" in its Security Rules of Thumb; however, third-party advice leads users to run \"tar xf\" more than once into the same directory.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:tar-1.35-7.1.aarch64",
          "openSUSE Tumbleweed:tar-1.35-7.1.ppc64le",
          "openSUSE Tumbleweed:tar-1.35-7.1.s390x",
          "openSUSE Tumbleweed:tar-1.35-7.1.x86_64",
          "openSUSE Tumbleweed:tar-backup-scripts-1.35-7.1.aarch64",
          "openSUSE Tumbleweed:tar-backup-scripts-1.35-7.1.ppc64le",
          "openSUSE Tumbleweed:tar-backup-scripts-1.35-7.1.s390x",
          "openSUSE Tumbleweed:tar-backup-scripts-1.35-7.1.x86_64",
          "openSUSE Tumbleweed:tar-doc-1.35-7.1.aarch64",
          "openSUSE Tumbleweed:tar-doc-1.35-7.1.ppc64le",
          "openSUSE Tumbleweed:tar-doc-1.35-7.1.s390x",
          "openSUSE Tumbleweed:tar-doc-1.35-7.1.x86_64",
          "openSUSE Tumbleweed:tar-lang-1.35-7.1.aarch64",
          "openSUSE Tumbleweed:tar-lang-1.35-7.1.ppc64le",
          "openSUSE Tumbleweed:tar-lang-1.35-7.1.s390x",
          "openSUSE Tumbleweed:tar-lang-1.35-7.1.x86_64",
          "openSUSE Tumbleweed:tar-rmt-1.35-7.1.aarch64",
          "openSUSE Tumbleweed:tar-rmt-1.35-7.1.ppc64le",
          "openSUSE Tumbleweed:tar-rmt-1.35-7.1.s390x",
          "openSUSE Tumbleweed:tar-rmt-1.35-7.1.x86_64",
          "openSUSE Tumbleweed:tar-tests-1.35-7.1.aarch64",
          "openSUSE Tumbleweed:tar-tests-1.35-7.1.ppc64le",
          "openSUSE Tumbleweed:tar-tests-1.35-7.1.s390x",
          "openSUSE Tumbleweed:tar-tests-1.35-7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-45582",
          "url": "https://www.suse.com/security/cve/CVE-2025-45582"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1246399 for CVE-2025-45582",
          "url": "https://bugzilla.suse.com/1246399"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:tar-1.35-7.1.aarch64",
            "openSUSE Tumbleweed:tar-1.35-7.1.ppc64le",
            "openSUSE Tumbleweed:tar-1.35-7.1.s390x",
            "openSUSE Tumbleweed:tar-1.35-7.1.x86_64",
            "openSUSE Tumbleweed:tar-backup-scripts-1.35-7.1.aarch64",
            "openSUSE Tumbleweed:tar-backup-scripts-1.35-7.1.ppc64le",
            "openSUSE Tumbleweed:tar-backup-scripts-1.35-7.1.s390x",
            "openSUSE Tumbleweed:tar-backup-scripts-1.35-7.1.x86_64",
            "openSUSE Tumbleweed:tar-doc-1.35-7.1.aarch64",
            "openSUSE Tumbleweed:tar-doc-1.35-7.1.ppc64le",
            "openSUSE Tumbleweed:tar-doc-1.35-7.1.s390x",
            "openSUSE Tumbleweed:tar-doc-1.35-7.1.x86_64",
            "openSUSE Tumbleweed:tar-lang-1.35-7.1.aarch64",
            "openSUSE Tumbleweed:tar-lang-1.35-7.1.ppc64le",
            "openSUSE Tumbleweed:tar-lang-1.35-7.1.s390x",
            "openSUSE Tumbleweed:tar-lang-1.35-7.1.x86_64",
            "openSUSE Tumbleweed:tar-rmt-1.35-7.1.aarch64",
            "openSUSE Tumbleweed:tar-rmt-1.35-7.1.ppc64le",
            "openSUSE Tumbleweed:tar-rmt-1.35-7.1.s390x",
            "openSUSE Tumbleweed:tar-rmt-1.35-7.1.x86_64",
            "openSUSE Tumbleweed:tar-tests-1.35-7.1.aarch64",
            "openSUSE Tumbleweed:tar-tests-1.35-7.1.ppc64le",
            "openSUSE Tumbleweed:tar-tests-1.35-7.1.s390x",
            "openSUSE Tumbleweed:tar-tests-1.35-7.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:tar-1.35-7.1.aarch64",
            "openSUSE Tumbleweed:tar-1.35-7.1.ppc64le",
            "openSUSE Tumbleweed:tar-1.35-7.1.s390x",
            "openSUSE Tumbleweed:tar-1.35-7.1.x86_64",
            "openSUSE Tumbleweed:tar-backup-scripts-1.35-7.1.aarch64",
            "openSUSE Tumbleweed:tar-backup-scripts-1.35-7.1.ppc64le",
            "openSUSE Tumbleweed:tar-backup-scripts-1.35-7.1.s390x",
            "openSUSE Tumbleweed:tar-backup-scripts-1.35-7.1.x86_64",
            "openSUSE Tumbleweed:tar-doc-1.35-7.1.aarch64",
            "openSUSE Tumbleweed:tar-doc-1.35-7.1.ppc64le",
            "openSUSE Tumbleweed:tar-doc-1.35-7.1.s390x",
            "openSUSE Tumbleweed:tar-doc-1.35-7.1.x86_64",
            "openSUSE Tumbleweed:tar-lang-1.35-7.1.aarch64",
            "openSUSE Tumbleweed:tar-lang-1.35-7.1.ppc64le",
            "openSUSE Tumbleweed:tar-lang-1.35-7.1.s390x",
            "openSUSE Tumbleweed:tar-lang-1.35-7.1.x86_64",
            "openSUSE Tumbleweed:tar-rmt-1.35-7.1.aarch64",
            "openSUSE Tumbleweed:tar-rmt-1.35-7.1.ppc64le",
            "openSUSE Tumbleweed:tar-rmt-1.35-7.1.s390x",
            "openSUSE Tumbleweed:tar-rmt-1.35-7.1.x86_64",
            "openSUSE Tumbleweed:tar-tests-1.35-7.1.aarch64",
            "openSUSE Tumbleweed:tar-tests-1.35-7.1.ppc64le",
            "openSUSE Tumbleweed:tar-tests-1.35-7.1.s390x",
            "openSUSE Tumbleweed:tar-tests-1.35-7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-05-10T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-45582"
    }
  ]
}

CVE-2025-45582 (GCVE-0-2025-45582)

Vulnerability from cvelistv5 – Published: 2025-07-11 00:00 – Updated: 2025-11-02 00:12

Summary

GNU Tar through 1.35 allows file overwrite via directory traversal in crafted TAR archives, with a certain two-step process. First, the victim must extract an archive that contains a ../ symlink to a critical directory. Second, the victim must extract an archive that contains a critical file, specified via a relative pathname that begins with the symlink name and ends with that critical file's name. Here, the extraction follows the symlink and overwrites the critical file. This bypasses the protection mechanism of "Member name contains '..'" that would occur for a single TAR archive that attempted to specify the critical file via a ../ approach. For example, the first archive can contain "x -> ../../../../../home/victim/.ssh" and the second archive can contain x/authorized_keys. This can affect server applications that automatically extract any number of user-supplied TAR archives, and were relying on the blocking of traversal. This can also affect software installation processes in which "tar xf" is run more than once (e.g., when installing a package can automatically install two dependencies that are set up as untrusted tarballs instead of official packages). NOTE: the official GNU Tar manual has an otherwise-empty directory for each "tar xf" in its Security Rules of Thumb; however, third-party advice leads users to run "tar xf" more than once into the same directory.

Severity

4.1 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:L

CWE

CWE-24 - Path Traversal: '../filedir'

Assigner

mitre

References

5 references

URL	Tags
https://github.com/i900008/vulndb/blob/main/Gnu_t…
https://www.gnu.org/software/tar/
https://www.gnu.org/software/tar/manual/html_node…
https://www.gnu.org/software/tar/manual/html_node…
https://lists.gnu.org/archive/html/bug-tar/2025-0…

Impacted products

1 product

Vendor	Product	Version
GNU	Tar	Affected: 0 , ≤ 1.35 (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-45582",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-11T18:27:18.891014Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-11T18:27:30.573Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-02T00:12:55.951Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/11/01/6"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "Tar",
          "vendor": "GNU",
          "versions": [
            {
              "lessThanOrEqual": "1.35",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:gnu:tar:*:*:*:*:*:*:*:*",
                  "versionEndIncluding": "1.35",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "GNU Tar through 1.35 allows file overwrite via directory traversal in crafted TAR archives, with a certain two-step process. First, the victim must extract an archive that contains a ../ symlink to a critical directory. Second, the victim must extract an archive that contains a critical file, specified via a relative pathname that begins with the symlink name and ends with that critical file\u0027s name. Here, the extraction follows the symlink and overwrites the critical file. This bypasses the protection mechanism of \"Member name contains \u0027..\u0027\" that would occur for a single TAR archive that attempted to specify the critical file via a ../ approach. For example, the first archive can contain \"x -\u003e ../../../../../home/victim/.ssh\" and the second archive can contain x/authorized_keys. This can affect server applications that automatically extract any number of user-supplied TAR archives, and were relying on the blocking of traversal. This can also affect software installation processes in which \"tar xf\" is run more than once (e.g., when installing a package can automatically install two dependencies that are set up as untrusted tarballs instead of official packages). NOTE: the official GNU Tar manual has an otherwise-empty directory for each \"tar xf\" in its Security Rules of Thumb; however, third-party advice leads users to run \"tar xf\" more than once into the same directory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 4.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-24",
              "description": "CWE-24 Path Traversal: \u0027../filedir\u0027",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-18T03:08:06.530Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://github.com/i900008/vulndb/blob/main/Gnu_tar_vuln.md"
        },
        {
          "url": "https://www.gnu.org/software/tar/"
        },
        {
          "url": "https://www.gnu.org/software/tar/manual/html_node/Security-rules-of-thumb.html"
        },
        {
          "url": "https://www.gnu.org/software/tar/manual/html_node/Integrity.html"
        },
        {
          "url": "https://lists.gnu.org/archive/html/bug-tar/2025-08/msg00012.html"
        }
      ],
      "x_generator": {
        "engine": "enrichogram 0.0.1"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2025-45582",
    "datePublished": "2025-07-11T00:00:00.000Z",
    "dateReserved": "2025-04-22T00:00:00.000Z",
    "dateUpdated": "2025-11-02T00:12:55.951Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

OPENSUSE-SU-2026:10743-1

CVE-2025-45582 (GCVE-0-2025-45582)

Tags

Sightings

Nomenclature