Libarchive: >> Libarchive >> 3.2.1 Security Vulnerabilities
Stack-based buffer overflow in the safe_fprintf function in tar/util.c in libarchive 3.2.1 allows remote attackers to cause a denial of service via a crafted non-printable multibyte character in a filename.
CVSS Score
7.5
EPSS Score
0.014
Published
2017-02-15
The mtree bidder in libarchive 3.2.1 does not keep track of line sizes when extending the read-ahead, which allows remote attackers to cause a denial of service (crash) via a crafted file, which triggers an invalid read in the (1) detect_form or (2) bid_entry function in libarchive/archive_read_support_format_mtree.c.
CVSS Score
5.5
EPSS Score
0.002
Published
2017-02-15
The read_Header function in archive_read_support_format_7zip.c in libarchive 3.2.1 allows remote attackers to cause a denial of service (out-of-bounds read) via multiple EmptyStream attributes in a header in a 7zip archive.
CVSS Score
7.5
EPSS Score
0.011
Published
2017-02-15
Page 3