ALSA-2022:5252 Moderate: libarchive security update

🗓️ 01 Jul 2022 00:00:00Reported by GoogleType

osv

osv🔗 osv.dev👁 23 Views

libarchive security update for out-of-bounds read via zipx_lzma_alone_ini

Reporter	Title	Published	Views	Family All 94
IBM Security Bulletins	Security Bulletin: Vulnerabilities in GNU Binutils, Bootstrap, PortSmash, Node.js, and libarchive might affect IBM Storage Defender – Data Protect.	18 Oct 202401:50	–	ibm
ALT Linux	Security fix for the ALT Linux 10 package libarchive version 3.6.0-alt2	26 Oct 202200:00	–	altlinux
ATTACKERKB	CVE-2022-28066	4 May 202214:15	–	attackerkb
Tenable Nessus	Amazon Linux 2022 : bsdcat, bsdcpio, bsdtar (ALAS2022-2022-103)	6 Sep 202200:00	–	nessus
Tenable Nessus	Amazon Linux 2022 : bsdcat, bsdcpio, bsdtar (ALAS2022-2022-201)	4 Nov 202200:00	–	nessus
Tenable Nessus	Amazon Linux 2023 : bsdcat, bsdcpio, bsdtar (ALAS2023-2023-071)	21 Mar 202300:00	–	nessus
Tenable Nessus	AlmaLinux 9 : libarchive (ALSA-2022:5252)	16 Nov 202200:00	–	nessus
Tenable Nessus	CentOS 9 : libarchive-3.5.3-2.el9	29 Feb 202400:00	–	nessus
Tenable Nessus	Debian dla-3950 : libarchive-dev - security update	12 Nov 202400:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP9 : libarchive (EulerOS-SA-2022-2293)	14 Sep 202200:00	–	nessus

Source	Link
access	www.access.redhat.com/errata/RHSA-2022:5252
access	www.access.redhat.com/security/cve/CVE-2022-26280
bugzilla	www.bugzilla.redhat.com/2071931
errata	www.errata.almalinux.org/9/ALSA-2022-5252.html

04 Feb 2026 03:18Current

6.6Medium risk

Vulners AI Score6.6

CVSS 25.8

CVSS 3.16.5

EPSS0.01877

libarchive security update out-of-bounds read zipx_lzma_alone_init cve-2022-26280