CVE-2026-9538
7.5 HIGHArchive::Tar versions before 3.10 for Perl allow memory exhaustion via attacker controlled entry size field in tar header
Published: 2026-05-26 · Last updated: 2026-05-28
Severity and scoring
- CVSS
- 7.5 HIGH
- Vector
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- CWE
- CWE-789
Affected products
| Vendor | Product |
|---|---|
| archive\ | \ |
Description
Archive::Tar versions before 3.10 for Perl allow memory exhaustion via attacker controlled entry size field in tar header. _read_tar() reads each entry's payload with $handle->read($$data, $block), where $block is derived from the entry's 12-byte size field in the tar header with no upper bound on that value. A crafted header declaring a multi-gigabyte size causes Perl to allocate a scalar of that size.
Source: NVD
References
Related CVEs
Same CWE
- CVE-2026-44967 — OpenTelemetry-cpp is the C++ implementation of OpenTelemetry (5.3 MEDIUM)
- CVE-2026-47734 — Dulwich is a pure-Python implementation of the Git file formats and protocols (5.7 MEDIUM)
- CVE-2026-10142 — kafka-python prior to 2.3.2 contains a denial-of-service vulnerability in the protocol parser that allows a malicious broker or machine-i... (7.5 HIGH)
- CVE-2026-52759 — Ghidra before 12.1.1 contains an uncontrolled memory allocation vulnerability in the Mach-O binary parser that allows attackers to cause ... (5.5 MEDIUM)
- CVE-2026-52753 — Ghidra before 12.0.3 contains an out-of-memory vulnerability in the rust_demangle function that allocates unbounded output buffers withou... (5.5 MEDIUM)