CVE-2021-30139

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2021-30139
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-30139.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-30139
Downstream
Published
2021-04-21T16:15:08.830Z
Modified
2026-02-13T02:21:09.494464Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

In Alpine Linux apk-tools before 2.12.5, the tarball parser allows a buffer overflow and crash.

References

Affected packages

Git / gitlab.alpinelinux.org/alpine/apk-tools

Affected ranges

Type
GIT
Repo
https://gitlab.alpinelinux.org/alpine/apk-tools
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
bb684630cdc1aa843ed6e1e6115d76892adfd8dc
Introduced
81782bfc150225df75b11efa4fa0ade428ae3676
Fixed
e8da6c4d299ec348b9964ff4eab7736f2b7ed66a

Affected versions

v2.*
v2.12.0
v2.12.1
v2.12.2
v2.12.3
v2.12.4

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-30139.json"