Directory traversal vulnerability in the safer_name_suffix function in GNU tar 1.14 through 1.29 might allow remote attackers to bypass an intended protection mechanism and write to arbitrary files via vectors related to improper sanitization of the file_name parameter, aka POINTYFEATHER.
Metrics
Affected Vendors & Products
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Wed, 06 Aug 2025 22:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
cvssV3_1
|
Sun, 13 Jul 2025 13:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
epss
|
epss
|

Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2025-08-06T21:12:29.246Z
Reserved: 2016-07-26T00:00:00.000Z
Link: CVE-2016-6321

Updated: 2024-08-06T01:29:18.337Z

Status : Deferred
Published: 2016-12-09T22:59:00.170
Modified: 2025-08-06T22:15:28.107
Link: CVE-2016-6321


No data.