Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libarchive libarchive vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2016-10349
The archive_le32dec function in archive_endian.h in libarchive 3.2.2 allows remote malicious users to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.
Libarchive Libarchive 3.2.2
4.3
CVSSv2
CVE-2016-10350
The archive_read_format_cab_read_header function in archive_read_support_format_cab.c in libarchive 3.2.2 allows remote malicious users to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.
Libarchive Libarchive 3.2.2
4.3
CVSSv2
CVE-2020-21674
Heap-based buffer overflow in archive_string_append_from_wcs() (archive_string.c) in libarchive-3.4.1dev allows remote malicious users to cause a denial of service (out-of-bounds write in heap memory resulting into a crash) via a crafted archive file. NOTE: this only affects user...
Libarchive Libarchive 3.4.1
7.5
CVSSv2
CVE-2011-1779
Multiple use-after-free vulnerabilities in libarchive 2.8.4 and 2.8.5 allow remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted (1) TAR archive or (2) ISO9660 image.
Freebsd Libarchive 2.8.5
Freebsd Libarchive 2.8.4
5.8
CVSSv2
CVE-2022-26280
Libarchive v3.6.0 exists to contain an out-of-bounds read via the component zipx_lzma_alone_init.
Libarchive Libarchive 3.6.0
Fedoraproject Fedora 36
9.3
CVSSv2
CVE-2007-3641
archive_read_support_format_tar.c in libarchive prior to 2.2.4 does not properly compute the length of a certain buffer when processing a malformed pax extension header, which allows user-assisted remote malicious users to cause a denial of service (crash) and possibly execute ar...
Freebsd Libarchive
4.3
CVSSv2
CVE-2007-3645
archive_read_support_format_tar.c in libarchive prior to 2.2.4 allows user-assisted remote malicious users to cause a denial of service (crash) via (1) an end-of-file condition within a tar header that follows a pax extension header or (2) a malformed pax extension header in an (...
Freebsd Libarchive
4.3
CVSSv2
CVE-2007-3644
archive_read_support_format_tar.c in libarchive prior to 2.2.4 allows user-assisted remote malicious users to cause a denial of service (infinite loop) via (1) an end-of-file condition within a pax extension header or (2) a malformed pax extension header in an (a) PAX or a (b) TA...
Freebsd Libarchive
4.3
CVSSv2
CVE-2018-1000879
libarchive version commit 379867ecb330b3a952fb7bfa7bffb7bbd5547205 onwards (release v3.3.0 onwards) contains a CWE-476: NULL Pointer Dereference vulnerability in ACL parser - libarchive/archive_acl.c, archive_acl_from_text_l() that can result in Crash/DoS. This attack appear to b...
Libarchive Libarchive
Opensuse Leap 15.0
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
7.5
CVSSv2
CVE-2010-4666
Buffer overflow in libarchive 3.0 pre-release code allows remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted CAB file, which is not properly handled during the reading of Huffman code data within LZX com...
Freebsd Libarchive 3.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »