{"id":"CVE-2019-9923","details":"pax_decode_header in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing certain archives that have malformed extended headers.","modified":"2026-04-16T00:04:10.277479537Z","published":"2019-03-22T08:29:00.247Z","related":["SUSE-SU-2019:0926-1","SUSE-SU-2019:14215-1","SUSE-SU-2020:2806-1","SUSE-SU-2022:1548-1","openSUSE-SU-2019:1237-1","openSUSE-SU-2024:11422-1"],"references":[{"type":"WEB","url":"https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E"},{"type":"WEB","url":"https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html"},{"type":"REPORT","url":"http://savannah.gnu.org/bugs/?55369"},{"type":"FIX","url":"http://git.savannah.gnu.org/cgit/tar.git/commit/?id=cb07844454d8cc9fb21f53ace75975f91185a120"},{"type":"FIX","url":"https://bugs.launchpad.net/ubuntu/+source/tar/+bug/1810241"}],"affected":[{"ranges":[{"type":"GIT","repo":"http://git.savannah.gnu.org/git/tar.git/","events":[{"introduced":"0"},{"fixed":"44cfdfb8b61e2b84b37a61c18a83ef0916e9a0d2"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"1.32"}]}},{"type":"GIT","repo":"https://cgit.git.savannah.gnu.org/cgit/tar.git","events":[{"introduced":"0"},{"fixed":"cb07844454d8cc9fb21f53ace75975f91185a120"}]}],"versions":["alpha_1_13_93","alpha_1_15_90","alpha_1_15_90_incremental_1","alpha_1_15_91","old","release_1_14","release_1_15","release_1_15_1","release_1_16","release_1_16_1","release_1_17","release_1_18","release_1_19","release_1_20","release_1_21","release_1_22","release_1_23","release_1_24","release_1_25","release_1_26","release_1_27","release_1_27_1","release_1_28","release_1_29","release_1_30","release_1_31"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-9923.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"15.0"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}