CVE-2025-62518 - Geek Feed

Security
Tech News

TARmageddon flaw in abandoned Rust library enables RCE attacks

October 24, 2025October 24, 2025 geekfeed0Tagged async-tar, CVE-2025-62518, rce, Remote Code Execution, Rust, TARmageddon, vulnerability

A high-severity vulnerability in the now-abandoned async-tar Rust library and its forks can be exploited to gain remote code execution on systems running unpatched software. Tracked as CVE-2025-62518, this logic flaw results from a desynchronization issue that allows unauthenticated attackers to inject additional archive entries during TAR file extraction. This occurs specifically when processing nested TAR […]

2 mins read