| Max CVSS | 6.8 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2018-1000880 | 4.3 |
libarchive version commit 9693801580c0cf7c70e862d305270a16b52826a7 onwards (release v3.2.0 onwards) contains a CWE-20: Improper Input Validation vulnerability in WARC parser - libarchive/archive_read_support_format_warc.c, _warc_read() that can resul
|
24-08-2020 - 17:37 | 20-12-2018 - 17:29 | |
| CVE-2018-1000878 | 6.8 |
libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-416: Use After Free vulnerability in RAR decoder - libarchive/archive_read_support_format_rar.c that can result in Crash/DoS - it is un
|
06-11-2019 - 01:15 | 20-12-2018 - 17:29 | |
| CVE-2018-1000877 | 6.8 |
libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-415: Double Free vulnerability in RAR decoder - libarchive/archive_read_support_format_rar.c, parse_codes(), realloc(rar->lzss.window,
|
06-11-2019 - 01:15 | 20-12-2018 - 17:29 | |
| CVE-2017-14502 | 5.0 |
read_header in archive_read_support_format_rar.c in libarchive 3.3.2 suffers from an off-by-one error for UTF-16 names in RAR archives, leading to an out-of-bounds read in archive_read_format_rar_read_header.
|
03-10-2019 - 00:03 | 17-09-2017 - 18:29 | |
| CVE-2017-14166 | 4.3 |
libarchive 3.3.2 allows remote attackers to cause a denial of service (xml_data heap-based buffer over-read and application crash) via a crafted xar archive, related to the mishandling of empty strings in the atol8 function in archive_read_support_fo
|
15-08-2019 - 18:15 | 06-09-2017 - 18:29 | |
| CVE-2017-14503 | 4.3 |
libarchive 3.3.2 suffers from an out-of-bounds read within lha_read_data_none() in archive_read_support_format_lha.c when extracting a specially crafted lha archive, related to lha_crc16.
|
28-12-2018 - 16:29 | 17-09-2017 - 18:29 | |
| CVE-2017-14501 | 4.3 |
An out-of-bounds read flaw exists in parse_file_info in archive_read_support_format_iso9660.c in libarchive 3.3.2 when extracting a specially crafted iso9660 iso file, related to archive_read_format_iso9660_read_header.
|
28-12-2018 - 16:29 | 17-09-2017 - 18:29 | |
| CVE-2016-10349 | 4.3 |
The archive_le32dec function in archive_endian.h in libarchive 3.2.2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.
|
28-12-2018 - 16:29 | 01-05-2017 - 01:59 | |
| CVE-2016-10350 | 4.3 |
The archive_read_format_cab_read_header function in archive_read_support_format_cab.c in libarchive 3.2.2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.
|
28-12-2018 - 16:29 | 01-05-2017 - 01:59 | |
| CVE-2016-10209 | 4.3 |
The archive_wstring_append_from_mbs function in archive_string.c in libarchive 3.2.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted archive file.
|
28-12-2018 - 16:29 | 03-04-2017 - 05:59 |