CVE-2021-30139: Buffer Overflow
First published: Wed Apr 21 2021(Updated: )
In Alpine Linux apk-tools before 2.12.5, the tarball parser allows a buffer overflow and crash.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Alpinelinux Apk-tools | <2.10.6 | |
| Alpinelinux Apk-tools | >=2.12.0<2.12.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2021-30139?
CVE-2021-30139 is a vulnerability in Alpine Linux apk-tools before version 2.12.5 that allows a buffer overflow and crash in the tarball parser.
What is the severity of CVE-2021-30139?
CVE-2021-30139 has a severity score of 7.5 (high).
Which software is affected by CVE-2021-30139?
Alpine Linux apk-tools versions from 2.10.6 (exclusive) to 2.12.5 (inclusive) are affected by CVE-2021-30139.
How can I fix CVE-2021-30139?
To fix CVE-2021-30139, upgrade to version 2.12.5 or later of Alpine Linux apk-tools.
What are the references for CVE-2021-30139?
The references for CVE-2021-30139 are: [reference 1](https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10741) and [reference 2](https://gitlab.alpinelinux.org/alpine/aports/-/issues/12606)
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/severity
- agent/weakness
- agent/last-modified-date
- agent/first-publish-date
- agent/tags
- agent/event
- agent/description
- agent/source
- vendor/alpinelinux
- canonical/alpinelinux apk-tools
- version/alpinelinux apk-tools/2.12.0