Security News

Cybersecurity news aggregator

🔓
MEDIUM Vulnerabilities Microsoft Security Response Center

CVE-2026-42496 Archive::Tar versions before 3.08 for Perl extract symlinks with attacker controlled targets outside the extraction directory

cve-2026-42496perl
  • What: A vulnerability in Archive::Tar for Perl allowing symlink extraction outside the target directory.
  • Impact: Could lead to file system exposure or manipulation.
Read Full Article →

We use optional cookies to improve your experience on our websites, such as through social media connections, and to display personalized advertising based on your online activity. If you reject optional cookies, only cookies necessary to provide you the services will be used. You may change your selection by clicking “Manage Cookies” at the bottom of the page. Privacy Statement Third-Party Cookies AcceptRejectManage cookies MSRC  Customer Guidance  Security Update Guide  Vulnerabilities  CVE-2026-42496 Your Privacy Choices Consumer Health Privacy

Related Articles

MEDIUM CVE-2026-48962 IO::Compress versions before 2.220 for Perl can execute arbitrary code in File::GlobMapper via an attacker-controlled output glob Microsoft Security Response Center INFO CVE-2026-9538 Archive::Tar versions before 3.10 for Perl allow memory exhaustion via attacker controlled entry size field in tar header Microsoft Security Response Center MEDIUM CVE-2026-42497 Archive::Tar versions before 3.08 for Perl extract hardlinks to attacker controlled paths outside the extraction directory Microsoft Security Response Center MEDIUM CVE-2026-33056 tar-rs: unpack_in can chmod arbitrary directories by following symlinks Microsoft Security Response Center
Read Full Article → ← Back to News

Share this article

Twitter Facebook LinkedIn