CVE Catalog

CVE-2026-45390

CriticalCVSS 9.1
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.15%

4th percentile — higher than 4% of all known CVEs

Summary

In OCaml-tar before version 3.4.0, a crafted archive with ../ path segments in its name allows escaping the current working directory. Although tar(1) rejects such extractions, ocaml-tar decompresses it anyway.

Risk Assessment

This vulnerability allows an attacker to write arbitrary files outside of the desired extraction directory, potentially leading to serious security breaches.

Recommendation

It is recommended to upgrade to OCaml-tar version 3.4.0 or later to mitigate this vulnerability.

Original NVD description (English source)

In OCaml-tar before 3.4.0, a crafted archive with ../ path segments in its name allows escaping the current working directory. This is not desired behavior, and tar(1) rejects such extractions, but ocaml-tar decompresses it anyway. The impact is that it allows arbitrary file writes outside of the desired extraction directory (to an attacker that can reach a tar decompression endpoint).

Vulnerability data from NVD (NIST) · CISA KEV · EPSS