PT-2026-43162 · Cpan+1 · Archive Tar+1

Stig Palmquist

·

Published

2026-05-26

·

Updated

2026-06-30

·

CVE-2026-42496

CVSS v3.1

9.1

Critical

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Name of the Vulnerable Software and Affected Versions Archive::Tar versions prior to 3.08
Description Archive::Tar for Perl allows the extraction of symlinks with attacker-controlled targets located outside the extraction directory. The function make special file() passes the tar header's linkname to symlink() without validating it against absolute paths or .. segments. While a secure-extract mode exists to guard regular file extraction, it does not cover the symlink target. Consequently, a subsequent open operation through the extracted name can read or write to an attacker-chosen path.
Recommendations Update Archive::Tar to version 3.08 or later.

Exploit

Fix

DoS

Path traversal

Link Following

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

ALSA-2026:30851
ALSA-2026:30852
ALSA-2026:30856
ALSA-2026:30857
CVE-2026-42496
ECHO-1732-BCF6-7970
OESA-2026-2678
RHSA-2026:30851
RHSA-2026:30852
RHSA-2026:30856
RHSA-2026:30857
USN-8467-1

Affected Products

Archive Tar
Rocky Linux