6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
6.8 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.007 Low
EPSS
Percentile
79.9%
Software: libarchive 3.3.3
OS: ROSA Virtualization 2.1
package_evr_string: libarchive-3.3.3.3-5.0.1.rv3.src.rpm
CVE-ID: CVE-2018-1000879
BDU-ID: 2020-01816
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the archive_acl_from_text_lins function of the libarchive library is related to NULL pointer dereferencing. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted archive
CVE-STATUS: Fixed
CVE-REV: To close, run the yum update libarchive command
CVE-ID: CVE-2018-1000880
BDU-ID: 2019-00927
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the _warc_read (archive_read_support_format_warc.c) function of the libarchive library is related to input validation errors leading to DOS - quasi-infinite execution and disk usage from a small file. Exploitation of the vulnerability allows an attacker acting remotely to cause a denial of service
CVE-STATUS: Resolved
CVE-REV: To close, run the yum update libarchive command
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ROSA | any | noarch | libarchive | < 3.3.3 | UNKNOWN |
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
6.8 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.007 Low
EPSS
Percentile
79.9%