Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libarchive libarchive vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2015-8915
bsdcpio in libarchive prior to 3.2.0 allows remote malicious users to cause a denial of service (invalid read and crash) via crafted cpio file.
Libarchive Libarchive
5.3
CVSSv3
CVE-2023-30571
Libarchive up to and including 3.6.2 can cause directories to have world-writable permissions. The umask() call inside archive_write_disk_posix.c changes the umask of the whole process for a very short period of time; a race condition with another thread can lead to a permanent u...
Libarchive Libarchive
NA
CVE-2022-28066
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-26280. Reason: This candidate is a duplicate of CVE-2022-26280. Notes: All CVE users should reference CVE-2022-26280 instead of this candidate. All references and descriptions in this candidate have been remo...
NA
CVE-2019-20509
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it only affected a development version. Notes: none
NA
CVE-2015-6984
libarchive in Apple OS X prior to 10.11.1 allows malicious users to write to arbitrary files via a crafted app that conducts an unspecified symlink attack.
Apple Mac Os X
NA
CVE-2015-2304
Absolute path traversal vulnerability in bsdcpio in libarchive 3.1.2 and previous versions allows remote malicious users to write to arbitrary files via a full pathname in an archive.
Libarchive Libarchive
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
NA
CVE-2013-0211
Integer signedness error in the archive_write_zip_data function in archive_write_set_format_zip.c in libarchive 3.1.2 and previous versions, when running on 64-bit machines, allows context-dependent malicious users to cause a denial of service (crash) via unspecified vectors, whi...
Libarchive Libarchive
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Opensuse Opensuse 13.1
Canonical Ubuntu Linux 14.10
Opensuse Opensuse 13.2
Fedoraproject Fedora 17
Fedoraproject Fedora 18
Freebsd Freebsd 9.3
NA
CVE-2013-4668
Directory traversal vulnerability in File Roller 3.6.x prior to 3.6.4, 3.8.x prior to 3.8.3, and 3.9.x prior to 3.9.3, when libarchive is used, allows remote malicious users to create arbitrary files via a crafted archive that is not properly handled in a "Keep directory str...
File Roller Project File Roller
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 13.04
NA
CVE-2011-1777
Multiple buffer overflows in the (1) heap_add_entry and (2) relocate_dir functions in archive_read_support_format_iso9660.c in libarchive up to and including 2.8.5 allow remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via...
Freebsd Libarchive 2.8.3
Freebsd Libarchive 2.8.2
Freebsd Libarchive 2.6
Freebsd Libarchive 2.5
Freebsd Libarchive 2.4
Freebsd Libarchive 2.7.1
Freebsd Libarchive 2.7.0
Freebsd Libarchive 2.1
Freebsd Libarchive 2.0
Freebsd Libarchive 2.8.4
Freebsd Libarchive 2.6.2
Freebsd Libarchive 2.6.1
Freebsd Libarchive
Freebsd Libarchive 2.2.3
Freebsd Libarchive 2.8.1
Freebsd Libarchive 2.8.0
Freebsd Libarchive 2.3
Freebsd Libarchive 2.2
NA
CVE-2011-1778
Buffer overflow in libarchive up to and including 2.8.5 allows remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TAR archive.
Freebsd Libarchive 2.8.4
Freebsd Libarchive 2.6.2
Freebsd Libarchive 2.6.1
Freebsd Libarchive
Freebsd Libarchive 2.2.3
Freebsd Libarchive 2.8.1
Freebsd Libarchive 2.8.0
Freebsd Libarchive 2.4
Freebsd Libarchive 2.3
Freebsd Libarchive 2.7.1
Freebsd Libarchive 2.7.0
Freebsd Libarchive 2.2
Freebsd Libarchive 2.1
Freebsd Libarchive 2.0
Freebsd Libarchive 2.8.3
Freebsd Libarchive 2.8.2
Freebsd Libarchive 2.6
Freebsd Libarchive 2.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-25525
CVE-2024-4652
CVE-2024-1438
CVE-2024-4671
CVE-2024-34351
arbitrary
CVE-2024-4650
SQL injection
overflow
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »