Description
The "tarfile" module would still apply normalization of AREGTYPE (\x00) blocks to DIRTYPE, even while processing a multi-block member such as GNUTYPE_LONGNAME or GNUTYPE_LONGLINK. This could result in a crafted tar archive being misinterpreted by the tarfile module compared to other implementations.
Remediation
References
Related Vulnerabilities
Apache HTTP Server Interpretation Conflict Vulnerability (CVE-2022-37436)
WordPress Plugin YouTube Cross-Site Request Forgery (11.8.1)
WordPress Plugin Custom Map Cross-Site Scripting (1.1)
Oracle JRE CVE-2012-5088 Vulnerability (CVE-2012-5088)
WordPress Plugin WP eCommerce 'cart_messages[]' Parameter Cross-Site Scripting (3.8.6)