RHSA-2026:2071 Red Hat Security Advisory: OpenShift Container Platform 4.18.33 packages and security update
Details
CVSS v3: 4.3
NVD published: 2025-10-29 23:16:19
EPSS: <0.1% probability · 1.9th percentile (2026-04-03)
Affected versions: Not available in our cache.
Summary
tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A maliciously-crafted archive containing a large number of sparse regions can cause a Reader to read an unbounded amount of data from the archive into memory. When reading from a compressed source, a small compressed input can result in large allocations.