CVE-2025-62518: Tar Pax Size Smuggling
Archive entry sizing must account for PAX extended headers to prevent archive entry smuggling (CWE-130 / CWE-1284). Relying exclusively on the basic ustar header size allows an attacker to specify a falsely small size, causing the parser to prematurely conclude the file read and misinterpret remaining file data as injected tar entry headers. Ensure PAX exten
greprules fetch cve-2025-62518-tar-pax-size-smuggling --engine opengrepDescription
Archive entry sizing must account for PAX extended headers to prevent archive entry smuggling (CWE-130 / CWE-1284). Relying exclusively on the basic ustar header size allows an attacker to specify a falsely small size, causing the parser to prematurely conclude the file read and misinterpret remaining file data as injected tar entry headers. Ensure PAX exten
Detection target
Not provided
Recommended fix
Not provided
False-positive notes
Not provided
Community feedback
Sign in to report false positives, mark this rule useful, or suggest metadata improvements.