Libarchive: >> Libarchive >> 3.7.3 Security Vulnerabilities
Null Pointer Dereference vulnerability in libarchive 3.7.6 and earlier when running program bsdtar in function header_pax_extension at rchive_read_support_format_tar.c:1844:8.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-03-28
A vulnerability was found in libarchive up to 3.7.7. It has been classified as problematic. This affects the function list of the file bsdunzip.c. The manipulation leads to null pointer dereference. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Score
3.3
EPSS Score
0.001
Published
2025-02-24
execute_filter_delta in archive_read_support_format_rar.c in libarchive before 3.7.5 allows out-of-bounds access via a crafted archive file because src can move beyond dst.
CVSS Score
7.8
EPSS Score
0.0
Published
2024-10-10
execute_filter_audio in archive_read_support_format_rar.c in libarchive before 3.7.5 allows out-of-bounds access via a crafted archive file because src can move beyond dst.
CVSS Score
7.8
EPSS Score
0.0
Published
2024-10-10
Libarchive before 3.7.4 allows name out-of-bounds access when a ZIP archive has an empty-name file and mac-ext is enabled. This occurs in slurp_central_directory in archive_read_support_format_zip.c.
CVSS Score
9.1
EPSS Score
0.001
Published
2024-06-08
Libarchive Remote Code Execution Vulnerability
CVSS Score
7.8
EPSS Score
0.701
Published
2024-04-09