CVE-2018-20482

EPSS 0.02% · P6 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2018-20482

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service (infinite read loop in sparse_dump_region in sparse.c) by modifying a file that is supposed to be archived by a different user's process (e.g., a system backup running as root).

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

GNU Tar 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

GNU Tar是GNU计划开发的一套用于创建tar格式文件的工具。 GNU Tar 1.30及之前版本中存在安全漏洞，该漏洞源于程序没有正确地处理文件的收缩过程。本地攻击者可通过修改文件利用该漏洞造成拒绝服务（sparse.c文件的‘sparse_dump_region’函数无限读取循环）。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2018-20482

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2018-20482

请登录查看更多情报信息。

https://twitter.com/thatcks/status/1076166645708668928x_refsource_MISC
https://news.ycombinator.com/item?id=18745431x_refsource_MISC
http://git.savannah.gnu.org/cgit/tar.git/commit/?id=c15c42ccd1e2377945fd0414eca1a49294bff454x_refsource_MISC
http://lists.gnu.org/archive/html/bug-tar/2018-12/msg00023.htmlx_refsource_MISC
http://www.securityfocus.com/bid/106354vdb-entryx_refsource_BID
https://security.gentoo.org/glsa/201903-05vendor-advisoryx_refsource_GENTOO
https://lists.debian.org/debian-lts-announce/2021/11/msg00025.htmlmailing-listx_refsource_MLIST
https://lists.debian.org/debian-lts-announce/2018/12/msg00023.htmlmailing-listx_refsource_MLIST
https://nvd.nist.gov/vuln/detail/CVE-2018-20482

Same Patch Batch · n/a · 2018-12-26 · 30 CVEs total

CVE-2018-19871		Digia Qt 资源管理错误漏洞
CVE-2018-20480		S-CMS SQL注入漏洞
CVE-2018-20479		S-CMS SQL注入漏洞
CVE-2018-20478		S-CMS 安全漏洞
CVE-2018-20477		S-CMS SQL注入漏洞
CVE-2018-20476		S-CMS 跨站脚本漏洞
CVE-2018-20467		ImageMagick 资源管理错误漏洞
CVE-2018-20481		Poppler 安全漏洞
CVE-2018-20485		ZOHO ManageEngine ADSelfService Plus 安全漏洞
CVE-2018-20484		ZOHO ManageEngine ADSelfService Plus 跨站脚本漏洞
CVE-2018-20483		GNU Wget 信息泄露漏洞
CVE-2018-20486		MetInfo 跨站脚本漏洞
CVE-2018-20404		VIA Technologies EPIA-E900系统主板ETK_E900.sys SmartETK驱动程序安全漏洞
CVE-2018-20217		MIT Kerberos 5 输入验证错误漏洞
CVE-2018-19873		Digia Qt 缓冲区错误漏洞
CVE-2018-20502		Bento4 安全漏洞
CVE-2018-19870		Digia Qt 代码问题漏洞
CVE-2018-19869		Digia Qt 输入验证错误漏洞
CVE-2018-19799		Dolibarr ERP/CRM 跨站脚本漏洞
CVE-2018-19616		Rockwell Automation Allen-Bradley PowerMonitor 1000 访问控制错误漏洞

Showing top 20 of 30 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2018-20482

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2018-20482

I. Basic Information for CVE-2018-20482

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2018-20482

III. Intelligence Information for CVE-2018-20482

Same Patch Batch · n/a · 2018-12-26 · 30 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2018-20482

Leave a comment