Libarchive: >> Libarchive >> 3.2.2 Security Vulnerabilities
The archive_le32dec function in archive_endian.h in libarchive 3.2.2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.
CVSS Score
5.5
EPSS Score
0.004
Published
2017-05-01
The archive_read_format_cab_read_header function in archive_read_support_format_cab.c in libarchive 3.2.2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.
CVSS Score
5.5
EPSS Score
0.004
Published
2017-05-01
The archive_wstring_append_from_mbs function in archive_string.c in libarchive 3.2.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted archive file.
CVSS Score
5.5
EPSS Score
0.004
Published
2017-04-03
An error in the lha_read_file_header_1() function (archive_read_support_format_lha.c) in libarchive 3.2.2 allows remote attackers to trigger an out-of-bounds read memory access and subsequently cause a crash via a specially crafted archive.
CVSS Score
7.5
EPSS Score
0.005
Published
2017-01-27
Page 3