from 0, < 3.3.3-4+deb10u3
from 0, < 3.4.3-2+deb11u2
HIGH8.8CVE-2020-9308archive_read_support_format_rar5.c in libarchive before 3.4.2 attempts to unpack a RAR5 file with an invalid or corrupted header (such as a… from 0, < 3.4.0-2
HIGH8.8libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-416: Use After Free vuln…
from 0, < 3.3.3-2
HIGH8.8libarchive - security update
from 0, < 3.1.2-11+deb8u6
HIGH8.8libarchive - security update
from 0, < 3.3.3-2
HIGH8.8libarchive - security update
from 0, < 3.1.2-11+deb8u1
HIGH8.8libarchive - security update
from 0, < 3.1.2-11.1
HIGH8.6Integer overflow in the ISO9660 writer in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash)…
from 0, < 3.2.1-1
HIGH7.8libarchive - security update
from 0, < 3.4.3-2+deb11u3
HIGH7.8libarchive - security update
from 0, < 3.4.3-2+deb11u3
HIGH7.8list_item_verbose in tar/util.c in libarchive through 3.7.7 does not check an strftime return value, which can lead to a denial of service…
from 0
HIGH7.8execute_filter_delta in archive_read_support_format_rar.c in libarchive before 3.7.5 allows out-of-bounds access via a crafted archive file…
from 0, < 3.6.2-1+deb12u1
HIGH7.8execute_filter_audio in archive_read_support_format_rar.c in libarchive before 3.7.5 allows out-of-bounds access via a crafted archive file…
from 0, < 3.6.2-1+deb12u1
HIGH7.8libarchive - security update
from 0, < 3.6.2-1+deb12u1
HIGH7.8libarchive - security update
from 0, < 3.6.2-1+deb12u1
HIGH7.8An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of…
from 0, < 3.4.3-2+deb11u1
HIGH7.8An improper link resolution flaw while extracting an archive can lead to changing the access control list (ACL) of the target of the link.
from 0, < 3.4.3-2+deb11u1
HIGH7.8Heap-based buffer overflow in the parse_codes function in archive_read_support_format_rar.c in libarchive before 3.2.1 allows remote attack…
from 0, < 3.2.1-1
HIGH7.8Stack-based buffer overflow in the parse_device function in archive_read_support_format_mtree.c in libarchive before 3.2.1 allows remote at…
from 0, < 3.2.1-1
HIGH7.8Integer overflow in the read_SubStreamsInfo function in archive_read_support_format_7zip.c in libarchive before 3.2.1 allows remote attacke…
from 0, < 3.2.1-1
HIGH7.8Multiple integer overflows in the (1) get_time_t_max and (2) get_time_t_min functions in archive_read_support_format_mtree.c in libarchive…
from 0, < 3.2.0-2
HIGH7.5A flaw was found in libarchive.
from 0, < 3.4.3-2+deb11u4
HIGH7.5A flaw was found in libarchive.
from 0, < 3.4.3-2+deb11u4
HIGH7.5A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archive_read_data() proces…
from 0, < 3.4.3-2+deb11u4
HIGH7.5libarchive - security update
from 0, < 3.1.2-11+deb8u8
HIGH7.5libarchive - security update
from 0, < 3.2.2-2+deb9u2
HIGH7.5libarchive - security update
from 0, < 3.4.0-1
HIGH7.5read_header in archive_read_support_format_rar.c in libarchive 3.3.2 suffers from an off-by-one error for UTF-16 names in RAR archives, lea…
from 0, < 3.2.2-4.1
HIGH7.5The read_Header function in archive_read_support_format_7zip.c in libarchive 3.2.1 allows remote attackers to cause a denial of service (ou…
from 0, < 3.2.1-5
HIGH7.5libarchive - security update
from 0, < 3.2.1-5
HIGH7.5libarchive - security update
from 0, < 3.0.4-3+wheezy5
HIGH7.5libarchive - security update
from 0, < 3.0.4-3+wheezy5+deb7u1
HIGH7.5libarchive - security update
from 0, < 3.2.1-6
HIGH7.5libarchive - security update
from 0, < 3.0.4-3+wheezy4
HIGH7.5libarchive - security update
from 0, < 3.1.2-11+deb8u3
HIGH7.5libarchive - security update
from 0, < 3.2.1-4
HIGH7.5The archive_read_format_cpio_read_header function in archive_read_support_format_cpio.c in libarchive before 3.2.1 allows remote attackers…
from 0, < 3.2.1-1
HIGH7.5bsdtar in libarchive before 3.2.0 allows remote attackers to cause a denial of service (infinite loop) via an ISO with a directory that is…
from 0, < 3.2.0-2
HIGH7.5The ae_strtofflags function in archive_entry.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-boun…
from 0, < 3.2.0-2
HIGH7.5The lha_read_file_extended_header function in archive_read_support_format_lha.c in libarchive before 3.2.0 allows remote attackers to cause…
from 0, < 3.2.0-2
HIGH7.5libarchive - security update
from 0, < 3.2.0-2
HIGH7.5libarchive - security update
from 0, < 3.0.4-3+wheezy2
HIGH7.3libarchive - security update
from 0, < 3.4.3-2+deb11u2
HIGH7.3libarchive - security update
from 0, < 3.6.2-1+deb12u2
MEDIUM6.6A vulnerability has been identified in the libarchive library.
from 0, < 3.4.3-2+deb11u3
MEDIUM6.6A vulnerability has been identified in the libarchive library.
from 0, < 3.6.2-1+deb12u3
MEDIUM6.5A flaw was found in libarchive.
from 0, < 3.4.3-2+deb11u4
MEDIUM6.5Libarchive v3.6.0 was discovered to contain an out-of-bounds read via the component zipx_lzma_alone_init.
from 0, < 3.4.3-2+deb11u2
MEDIUM6.5libarchive - security update
from 0, < 3.4.3-2+deb11u2
MEDIUM6.5libarchive - security update
from 0, < 3.4.3-2+deb11u2
MEDIUM6.5libarchive version commit 5a98dcf8a86364b3c2c469c85b93647dfb139961 onwards (version v2.8.0 onwards) contains a CWE-835: Loop with Unreachab…
from 0, < 3.3.3-4
MEDIUM6.5libarchive - security update
from 0, < 3.3.3-4
MEDIUM6.5libarchive - security update
from 0, < 3.1.2-11+deb8u7
MEDIUM6.5libarchive version commit 9693801580c0cf7c70e862d305270a16b52826a7 onwards (release v3.2.0 onwards) contains a CWE-20: Improper Input Valid…
from 0, < 3.3.3-2
MEDIUM6.5libarchive version commit 379867ecb330b3a952fb7bfa7bffb7bbd5547205 onwards (release v3.3.0 onwards) contains a CWE-476: NULL Pointer Derefe…
from 0, < 3.3.3-2
MEDIUM6.5libarchive 3.3.2 suffers from an out-of-bounds read within lha_read_data_none() in archive_read_support_format_lha.c when extracting a spec…
from 0, < 3.2.2-4.1
MEDIUM6.5An out-of-bounds read flaw exists in parse_file_info in archive_read_support_format_iso9660.c in libarchive 3.3.2 when extracting a special…
from 0, < 3.2.2-4.2
MEDIUM6.5libarchive - security update
from 0, < 3.0.4-3+wheezy6+deb7u1
MEDIUM6.5libarchive - security update
from 0, < 3.2.2-3.1
MEDIUM6.5Integer overflow in the ISO parser in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via…
from 0, < 3.2.1-1
MEDIUM6.5The process_extra function in libarchive before 3.2.0 uses the size field and a signed number in an offset, which allows remote attackers t…
from 0, < 3.2.0-2
MEDIUM6.5libarchive - security update
from 0, < 3.2.0-2
MEDIUM6.5libarchive - security update
from 0, < 3.1.2-11+deb8u2
MEDIUM5.6A vulnerability has been identified in the libarchive library.
from 0, < 3.4.3-2+deb11u3
MEDIUM5.5A flaw was found in libarchive.
from 0
MEDIUM5.5An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafte…
from 0
MEDIUM5.5A vulnerability was found in libarchive up to 3.7.7.
from 0
MEDIUM5.5libarchive - security update
from 0, < 3.2.2-2+deb9u3
MEDIUM5.5libarchive - security update
from 0, < 3.4.2-1
MEDIUM5.5libarchive - security update
from 0, < 3.3.3-4+deb10u2
MEDIUM5.5The archive_read_format_cab_read_header function in archive_read_support_format_cab.c in libarchive 3.2.2 allows remote attackers to cause…
from 0, < 3.2.2-3.1
MEDIUM5.5The archive_le32dec function in archive_endian.h in libarchive 3.2.2 allows remote attackers to cause a denial of service (heap-based buffe…
from 0, < 3.2.2-3.1
MEDIUM5.5libarchive - security update
from 0, < 3.0.4-3+wheezy6
MEDIUM5.5libarchive - security update
from 0, < 3.2.2-3.1
MEDIUM5.5libarchive - security update
from 0, < 3.2.2-2+deb9u1
MEDIUM5.5The mtree bidder in libarchive 3.2.1 does not keep track of line sizes when extending the read-ahead, which allows remote attackers to caus…
from 0, < 3.2.1-5
MEDIUM5.5libarchive before 3.2.0 does not limit the number of recursive decompressions, which allows remote attackers to cause a denial of service (…
from 0, < 3.2.0-2
MEDIUM5.5The copy_from_lzss_window function in archive_read_support_format_rar.c in libarchive 3.2.0 and earlier allows remote attackers to cause a…
from 0, < 3.2.1-1
MEDIUM5.5Integer overflow in the archive_read_format_tar_skip function in archive_read_support_format_tar.c in libarchive before 3.2.0 allows remote…
from 0, < 3.2.0-2
MEDIUM5.5The compress_bidder_init function in archive_read_support_filter_compress.c in libarchive before 3.2.0 allows remote attackers to cause a d…
from 0, < 3.2.0-2
MEDIUM5.5Memory leak in the __archive_read_get_extract function in archive_read_extract2.c in libarchive before 3.2.0 allows remote attackers to cau…
from 0, < 3.2.0-2
MEDIUM5.5The process_add_entry function in archive_read_support_format_mtree.c in libarchive before 3.2.0 allows remote attackers to cause a denial…
from 0, < 3.2.0-2
MEDIUM5.5The trad_enc_decrypt_update function in archive_read_support_format_zip.c in libarchive before 3.2.0 allows remote attackers to cause a den…
from 0, < 3.2.0-2
MEDIUM5.5The archive_read_format_rar_read_data function in archive_read_support_format_rar.c in libarchive before 3.2.0 allows remote attackers to c…
from 0, < 3.2.0-2
MEDIUM5.5The readline function in archive_read_support_format_mtree.c in libarchive before 3.2.0 allows remote attackers to cause a denial of servic…
from 0, < 3.2.0-2
MEDIUM5.5The archive_read_format_tar_read_header function in archive_read_support_format_tar.c in libarchive before 3.2.0 allows remote attackers to…
from 0, < 3.2.0-2
MEDIUM5.5The read_CodersInfo function in archive_read_support_format_7zip.c in libarchive before 3.2.0 allows remote attackers to cause a denial of…
from 0, < 3.2.0-2
MEDIUM5.5The _ar_read_header function in archive_read_support_format_ar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of se…
from 0, < 3.2.0-2
MEDIUM5.5libarchive - security update
from 0, < 3.2.0-2
MEDIUM5.5libarchive - security update
from 0, < 3.1.2-11+deb8u4
MEDIUM5.5libarchive - security update
from 0, < 3.0.4-3+wheezy3
MEDIUM5.3Libarchive through 3.6.2 can cause directories to have world-writable permissions.
from 0
MEDIUM5.0A vulnerability has been identified in the libarchive library.
from 0, < 3.4.3-2+deb11u3
—libarchive - security update
from 0, < 3.1.2-11
—libarchive - security update
from 0, < 3.0.4-3+wheezy1
—libarchive - security update
from 0, < 2.8.4.forreal-1+squeeze3
—Integer signedness error in the archive_write_zip_data function in archive_write_set_format_zip.c in libarchive 3.1.2 and earlier, when run…
from 0, < 3.0.4-3
—Multiple use-after-free vulnerabilities in libarchive 2.8.4 and 2.8.5 allow remote attackers to cause a denial of service (application cras…
from 0, < 3.0.4-2
—Buffer overflow in libarchive through 2.8.5 allows remote attackers to cause a denial of service (application crash) or possibly execute ar…
from 0, < 2.8.5-5