{"id":"CVE-2026-9538","summary":"Archive::Tar versions before 3.10 for Perl allow memory exhaustion via attacker controlled entry size field in tar header","details":"Archive::Tar versions before 3.10 for Perl allow memory exhaustion via attacker controlled entry size field in tar header.\n\n_read_tar() reads each entry's payload with $handle-\u003eread($$data, $block), where $block is derived from the entry's 12-byte size field in the tar header with no upper bound on that value.\n\nA crafted header declaring a multi-gigabyte size causes Perl to allocate a scalar of that size.","modified":"2026-06-18T03:56:46.707243077Z","published":"2026-05-26T00:18:43.704Z","database_specific":{"cwe_ids":["CWE-789"],"cna_assigner":"CPANSec","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/9xxx/CVE-2026-9538.json"},"references":[{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/05/26/4"},{"type":"WEB","url":"https://cpan.org/modules"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/9xxx/CVE-2026-9538.json"},{"type":"ADVISORY","url":"https://metacpan.org/release/BINGOS/Archive-Tar-3.10/changes"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-9538"},{"type":"FIX","url":"https://github.com/jib/archive-tar-new/commit/f9af01426038e29d9578825a0cd3626946ab08c7.patch"},{"type":"PACKAGE","url":"https://github.com/jib/archive-tar-new"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/jib/archive-tar-new","events":[{"introduced":"0"},{"fixed":"737c9e68a65fe7d494c0fcaed355e105f8f564ad"},{"fixed":"f9af01426038e29d9578825a0cd3626946ab08c7"}],"database_specific":{"source":["CPE_RANGE","REFERENCES"],"extracted_events":[{"introduced":"0"},{"fixed":"3.10"}],"cpe":"cpe:2.3:a:archive\\:\\:tar_project:archive\\:\\:tar:*:*:*:*:*:perl:*:*"}}],"versions":["3.08","3.06","3.04","3.02","3.00","2.40","2.38","2.36","2.34","2.32","2.30","2.28","2.26","2.24","2.22","2.20","2.18","2.16","2.14","2.12","2.10","2.08","2.06","2.04","2.02","2.00","1.98","1.96","1.94","1.93_02","1.93_01","1.92","1.88","1.86","1.84","1.82","1.80","1.78"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-9538.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}]}