Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libarchive libarchive vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2017-14166
libarchive 3.3.2 allows remote malicious users to cause a denial of service (xml_data heap-based buffer over-read and application crash) via a crafted xar archive, related to the mishandling of empty strings in the atol8 function in archive_read_support_format_xar.c.
Libarchive Libarchive 3.3.2
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
4.3
CVSSv2
CVE-2016-10349
The archive_le32dec function in archive_endian.h in libarchive 3.2.2 allows remote malicious users to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.
Libarchive Libarchive 3.2.2
4.3
CVSSv2
CVE-2016-10350
The archive_read_format_cab_read_header function in archive_read_support_format_cab.c in libarchive 3.2.2 allows remote malicious users to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.
Libarchive Libarchive 3.2.2
4.3
CVSSv2
CVE-2016-10209
The archive_wstring_append_from_mbs function in archive_string.c in libarchive 3.2.2 allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via a crafted archive file.
Libarchive Libarchive 3.2.2
4.3
CVSSv2
CVE-2016-4679
An issue exists in certain Apple products. iOS prior to 10.1 is affected. macOS prior to 10.12.1 is affected. tvOS prior to 10.0.1 is affected. watchOS prior to 3.1 is affected. The issue involves the "libarchive" component, which allows remote malicious users to write ...
Apple Iphone Os
Apple Mac Os X
Apple Tvos
Apple Watchos
4.3
CVSSv2
CVE-2015-8915
bsdcpio in libarchive prior to 3.2.0 allows remote malicious users to cause a denial of service (invalid read and crash) via crafted cpio file.
Libarchive Libarchive
4.3
CVSSv2
CVE-2007-3645
archive_read_support_format_tar.c in libarchive prior to 2.2.4 allows user-assisted remote malicious users to cause a denial of service (crash) via (1) an end-of-file condition within a tar header that follows a pax extension header or (2) a malformed pax extension header in an (...
Freebsd Libarchive
4.3
CVSSv2
CVE-2007-3644
archive_read_support_format_tar.c in libarchive prior to 2.2.4 allows user-assisted remote malicious users to cause a denial of service (infinite loop) via (1) an end-of-file condition within a pax extension header or (2) a malformed pax extension header in an (a) PAX or a (b) TA...
Freebsd Libarchive
2.1
CVSSv2
CVE-2019-19221
In Libarchive 3.4.0, archive_wstring_append_from_mbs in archive_string.c has an out-of-bounds read because of an incorrect mbrtowc or mbtowc call. For example, bsdtar crashes via a crafted archive.
Libarchive Libarchive 3.4.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 32
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
2.1
CVSSv2
CVE-2017-2390
An issue exists in certain Apple products. iOS prior to 10.3 is affected. macOS prior to 10.12.4 is affected. tvOS prior to 10.2 is affected. watchOS prior to 3.2 is affected. The issue involves symlink mishandling in the "libarchive" component. It allows local users to...
Apple Iphone Os
Apple Watchos
Apple Mac Os X
Apple Tvos
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2024-5274
CVE-2020-17519
CVE-2024-35340
CVE-2021-47558
local
XML injection
CVE-2021-47519
CVE-2021-47543
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »