Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libarchive libarchive vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2017-14501
An out-of-bounds read flaw exists in parse_file_info in archive_read_support_format_iso9660.c in libarchive 3.3.2 when extracting a specially crafted iso9660 iso file, related to archive_read_format_iso9660_read_header.
Libarchive Libarchive 3.3.2
5
CVSSv2
CVE-2017-14502
read_header in archive_read_support_format_rar.c in libarchive 3.3.2 suffers from an off-by-one error for UTF-16 names in RAR archives, leading to an out-of-bounds read in archive_read_format_rar_read_header.
Libarchive Libarchive 3.3.2
4.3
CVSSv2
CVE-2017-14503
libarchive 3.3.2 suffers from an out-of-bounds read within lha_read_data_none() in archive_read_support_format_lha.c when extracting a specially crafted lha archive, related to lha_crc16.
Libarchive Libarchive 3.3.2
7.5
CVSSv2
CVE-2011-1779
Multiple use-after-free vulnerabilities in libarchive 2.8.4 and 2.8.5 allow remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted (1) TAR archive or (2) ISO9660 image.
Freebsd Libarchive 2.8.5
Freebsd Libarchive 2.8.4
5.8
CVSSv2
CVE-2022-26280
Libarchive v3.6.0 exists to contain an out-of-bounds read via the component zipx_lzma_alone_init.
Libarchive Libarchive 3.6.0
Fedoraproject Fedora 36
4.3
CVSSv2
CVE-2007-3644
archive_read_support_format_tar.c in libarchive prior to 2.2.4 allows user-assisted remote malicious users to cause a denial of service (infinite loop) via (1) an end-of-file condition within a pax extension header or (2) a malformed pax extension header in an (a) PAX or a (b) TA...
Freebsd Libarchive
9.3
CVSSv2
CVE-2007-3641
archive_read_support_format_tar.c in libarchive prior to 2.2.4 does not properly compute the length of a certain buffer when processing a malformed pax extension header, which allows user-assisted remote malicious users to cause a denial of service (crash) and possibly execute ar...
Freebsd Libarchive
4.3
CVSSv2
CVE-2007-3645
archive_read_support_format_tar.c in libarchive prior to 2.2.4 allows user-assisted remote malicious users to cause a denial of service (crash) via (1) an end-of-file condition within a tar header that follows a pax extension header or (2) a malformed pax extension header in an (...
Freebsd Libarchive
4.3
CVSSv2
CVE-2018-1000879
libarchive version commit 379867ecb330b3a952fb7bfa7bffb7bbd5547205 onwards (release v3.3.0 onwards) contains a CWE-476: NULL Pointer Dereference vulnerability in ACL parser - libarchive/archive_acl.c, archive_acl_from_text_l() that can result in Crash/DoS. This attack appear to b...
Libarchive Libarchive
Opensuse Leap 15.0
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
7.5
CVSSv2
CVE-2010-4666
Buffer overflow in libarchive 3.0 pre-release code allows remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted CAB file, which is not properly handled during the reading of Huffman code data within LZX com...
Freebsd Libarchive 3.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »