Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Libarchive
(Libarchive)Repositories | https://github.com/libarchive/libarchive |
#Vulnerabilities | 59 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2016-09-20 | CVE-2015-8926 | The archive_read_format_rar_read_data function in archive_read_support_format_rar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted rar archive. | Ubuntu_linux, Libarchive, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit | 5.5 | ||
2016-09-20 | CVE-2015-8925 | The readline function in archive_read_support_format_mtree.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (invalid read) via a crafted mtree file, related to newline parsing. | Ubuntu_linux, Libarchive, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit | 5.5 | ||
2016-09-20 | CVE-2015-8917 | bsdtar in libarchive before 3.2.0 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an invalid character in the name of a cab file. | Ubuntu_linux, Debian_linux, Libarchive | 7.5 | ||
2016-09-20 | CVE-2015-8916 | bsdtar in libarchive before 3.2.0 returns a success code without filling the entry when the header is a "split file in multivolume RAR," which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted rar file. | Ubuntu_linux, Debian_linux, Libarchive | 6.5 | ||
2016-09-20 | CVE-2015-8915 | bsdcpio in libarchive before 3.2.0 allows remote attackers to cause a denial of service (invalid read and crash) via crafted cpio file. | Libarchive | 5.5 | ||
2013-09-30 | CVE-2013-0211 | Integer signedness error in the archive_write_zip_data function in archive_write_set_format_zip.c in libarchive 3.1.2 and earlier, when running on 64-bit machines, allows context-dependent attackers to cause a denial of service (crash) via unspecified vectors, which triggers an improper conversion between unsigned and signed types, leading to a buffer overflow. | Ubuntu_linux, Fedora, Freebsd, Libarchive, Opensuse | N/A |