Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libarchive vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-26256
libarchive Remote Code Execution Vulnerability
1 Article
NA
CVE-2024-20696
Windows Libarchive Remote Code Execution Vulnerability
Microsoft Windows Server 2019
Microsoft Windows Server 2022
Microsoft Windows Server 2022 23h2
Microsoft Windows 11 23h2
Microsoft Windows 10 1809
Microsoft Windows 11 21h2
Microsoft Windows 10 21h2
Microsoft Windows 11 22h2
Microsoft Windows 10 22h2
1 Github repository
NA
CVE-2024-20697
Windows Libarchive Remote Code Execution Vulnerability
Microsoft Windows 11 22h2
Microsoft Windows 11 23h2
Microsoft Windows Server 2022 23h2 -
NA
CVE-2023-30571
Libarchive up to and including 3.6.2 can cause directories to have world-writable permissions. The umask() call inside archive_write_disk_posix.c changes the umask of the whole process for a very short period of time; a race condition with another thread can lead to a permanent u...
Libarchive Libarchive
NA
CVE-2022-36227
In libarchive prior to 3.6.2, the software does not check for an error after calling calloc function that can return with a NULL pointer if the function fails, which leads to a resultant NULL pointer dereference. NOTE: the discoverer cites this CWE-476 remark but third parties di...
Libarchive Libarchive
Debian Debian Linux 10.0
Fedoraproject Fedora 37
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
NA
CVE-2021-31566
An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extr...
Libarchive Libarchive
Fedoraproject Fedora 35
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux For Power Little Endian 8.0
Redhat Enterprise Linux For Ibm Z Systems 8.0
Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.6
Redhat Enterprise Linux For Ibm Z Systems Eus 8.6
Redhat Enterprise Linux Server Aus 8.6
Redhat Enterprise Linux Server Tus 8.6
Redhat Enterprise Linux Eus 8.6
Redhat Enterprise Linux For Power Little Endian Eus 8.6
Redhat Codeready Linux Builder -
Debian Debian Linux 10.0
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
NA
CVE-2021-23177
An improper link resolution flaw while extracting an archive can lead to changing the access control list (ACL) of the target of the link. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. A local attacke...
Libarchive Libarchive
Fedoraproject Fedora 35
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux For Power Little Endian 8.0
Redhat Enterprise Linux For Ibm Z Systems 8.0
Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.6
Redhat Enterprise Linux For Ibm Z Systems Eus 8.6
Redhat Enterprise Linux Server Aus 8.6
Redhat Enterprise Linux Server Tus 8.6
Redhat Enterprise Linux Eus 8.6
Redhat Enterprise Linux For Power Little Endian Eus 8.6
Redhat Codeready Linux Builder -
Debian Debian Linux 10.0
NA
CVE-2022-28066
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-26280. Reason: This candidate is a duplicate of CVE-2022-26280. Notes: All CVE users should reference CVE-2022-26280 instead of this candidate. All references and descriptions in this candidate have been remo...
5.8
CVSSv2
CVE-2022-26280
Libarchive v3.6.0 exists to contain an out-of-bounds read via the component zipx_lzma_alone_init.
Libarchive Libarchive 3.6.0
Fedoraproject Fedora 36
4.3
CVSSv2
CVE-2021-36976
libarchive 3.4.1 up to and including 3.5.1 has a use-after-free in copy_string (called from do_uncompress_block and process_block).
Libarchive Libarchive
Fedoraproject Fedora 35
Apple Macos
Apple Iphone Os
Apple Ipados
Apple Watchos
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-2907
hardcoded
inject
CVE-2024-20359
CVE-2024-2467
CVE-2024-4077
CVE-2024-22391
camera
CVE-2024-20353
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »