Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libarchive libarchive vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2019-11463
A memory leak in archive_read_format_zip_cleanup in archive_read_support_format_zip.c in libarchive 3.3.4-dev allows remote malicious users to cause a denial of service via a crafted ZIP file because of a HAVE_LZMA_H typo. NOTE: this only affects users who downloaded the developm...
Libarchive Libarchive
5.5
CVSSv3
CVE-2015-9261
huft_build in archival/libarchive/decompress_gunzip.c in BusyBox prior to 1.27.2 misuses a pointer, causing segfaults and an application crash during an unzip operation on a specially crafted ZIP file.
Busybox Busybox
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
5.5
CVSSv3
CVE-2017-15873
The get_next_block function in archival/libarchive/decompress_bunzip2.c in BusyBox 1.27.2 has an Integer Overflow that may lead to a write access violation.
Busybox Busybox 1.27.2
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
5.5
CVSSv3
CVE-2017-15874
archival/libarchive/decompress_unlzma.c in BusyBox 1.27.2 has an Integer Underflow that leads to a read access violation.
Busybox Busybox 1.27.2
5.5
CVSSv3
CVE-2016-10349
The archive_le32dec function in archive_endian.h in libarchive 3.2.2 allows remote malicious users to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.
Libarchive Libarchive 3.2.2
5.5
CVSSv3
CVE-2016-10350
The archive_read_format_cab_read_header function in archive_read_support_format_cab.c in libarchive 3.2.2 allows remote malicious users to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.
Libarchive Libarchive 3.2.2
5.5
CVSSv3
CVE-2016-10209
The archive_wstring_append_from_mbs function in archive_string.c in libarchive 3.2.2 allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via a crafted archive file.
Libarchive Libarchive 3.2.2
5.5
CVSSv3
CVE-2017-2390
An issue exists in certain Apple products. iOS prior to 10.3 is affected. macOS prior to 10.12.4 is affected. tvOS prior to 10.2 is affected. watchOS prior to 3.2 is affected. The issue involves symlink mishandling in the "libarchive" component. It allows local users to...
Apple Iphone Os
Apple Watchos
Apple Mac Os X
Apple Tvos
5.5
CVSSv3
CVE-2016-4679
An issue exists in certain Apple products. iOS prior to 10.1 is affected. macOS prior to 10.12.1 is affected. tvOS prior to 10.0.1 is affected. watchOS prior to 3.1 is affected. The issue involves the "libarchive" component, which allows remote malicious users to write ...
Apple Iphone Os
Apple Mac Os X
Apple Tvos
Apple Watchos
5.5
CVSSv3
CVE-2016-7619
An issue exists in certain Apple products. iOS prior to 10.2 is affected. macOS prior to 10.12.2 is affected. watchOS prior to 3.1.3 is affected. The issue involves the "libarchive" component, which allows local users to write to arbitrary files via vectors related to s...
Apple Iphone Os
Apple Mac Os X
Apple Watchos
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-25525
CVE-2024-4652
CVE-2024-1438
CVE-2024-4671
CVE-2024-34351
arbitrary
CVE-2024-4650
SQL injection
overflow
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »