| Max CVSS | 5.0 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2015-8921 | 5.0 |
The ae_strtofflags function in archive_entry.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mtree file.
|
12-09-2023 - 14:45 | 20-09-2016 - 14:15 | |
| CVE-2015-8920 | 4.3 |
The _ar_read_header function in archive_read_support_format_ar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds stack read) via a crafted ar file.
|
12-09-2023 - 14:45 | 20-09-2016 - 14:15 | |
| CVE-2016-5418 | 5.0 |
The sandboxing code in libarchive 3.2.0 and earlier mishandles hardlink archive entries of non-zero data size, which might allow remote attackers to write to arbitrary files via a crafted archive file.
|
27-12-2019 - 16:08 | 21-09-2016 - 14:25 | |
| CVE-2016-7166 | 4.3 |
libarchive before 3.2.0 does not limit the number of recursive decompressions, which allows remote attackers to cause a denial of service (memory consumption and application crash) via a crafted gzip file.
|
27-12-2019 - 16:08 | 21-09-2016 - 14:25 | |
| CVE-2016-4809 | 5.0 |
The archive_read_format_cpio_read_header function in archive_read_support_format_cpio.c in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a CPIO archive with a large symlink.
|
27-12-2019 - 16:08 | 21-09-2016 - 14:25 | |
| CVE-2016-5844 | 4.3 |
Integer overflow in the ISO parser in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a crafted ISO file.
|
27-12-2019 - 16:08 | 21-09-2016 - 14:25 | |
| CVE-2015-8932 | 4.3 |
The compress_bidder_init function in archive_read_support_filter_compress.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted tar file, which triggers an invalid left shift.
|
05-01-2018 - 02:30 | 20-09-2016 - 14:15 |