TencentOS Server 3: libarchive (TSSA-2022:0019)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0019 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

K000148255: libarchive vulnerabilities CVE-2019-1000020 and CVE-2019-1000019

Security Advisory Description CVE-2019-1000020 libarchive version commit 5a98dcf8a86364b3c2c469c85b93647dfb139961 onwards version v2.8.0 onwards contains a CWE-835: Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in ISO9660 parser, archivereadsupportformatiso9660.c,...

Oracle Linux 7 : libarchive (ELSA-2019-2298)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-2298 advisory. - fix out-of-bounds read within lhareaddatanone CVE-2017-14503 - fix crash on crafted 7zip archives CVE-2019-1000019 Tenable has extracted the precedin...

Oracle Linux 8 : libarchive (ELSA-2019-3698)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-3698 advisory. - fix out-of-bounds read within lhareaddatanone CVE-2017-14503 - fix crash on crafted 7zip archives CVE-2019-1000019 Tenable has extracted the precedin...

SUSE: Security Advisory (SUSE-SU-2019:0831-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2019:3092-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CentOS 8 : libarchive (CESA-2019:3698)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:3698 advisory. - libarchive: Out-of-bounds read in lhareaddatanone CVE-2017-14503 - libarchive: Double free in RAR decoder resulting in a denial of service...

CVE-2017-1000020

creationtimestamp| type| source ---|---|--- 2020-02-27 08:20:18+00:00| seen| https://t.me/VulnerabilityNews/12770...

Huawei EulerOS: Security Advisory for libarchive (EulerOS-SA-2019-1681)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for libarchive (EulerOS-SA-2019-2014)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for libarchive (EulerOS-SA-2019-1725)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for libarchive (EulerOS-SA-2019-1714)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for libarchive (openSUSE-SU-2019:2632-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

NewStart CGSL CORE 5.05 / MAIN 5.05 : libarchive Multiple Vulnerabilities (NS-SA-2019-0248)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has libarchive packages installed that are affected by multiple vulnerabilities: - libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards release v3.1.0 onwards contains a CWE-415: Double Free vulnerability ...

openSUSE Security Update : libarchive (openSUSE-2019-2632)

This update for libarchive fixes the following issues : Security issues fixed : - CVE-2018-1000877: Fixed a double free vulnerability in RAR decoder bsc1120653. - CVE-2018-1000878: Fixed a Use-After-Free vulnerability in RAR decoder bsc1120654. - CVE-2019-1000019: Fixed an Out-Of-Bounds Read...

openSUSE Security Update : libarchive (openSUSE-2019-2615)

This update for libarchive fixes the following issues : Security issues fixed : - CVE-2018-1000877: Fixed a double free vulnerability in RAR decoder bsc1120653. - CVE-2018-1000878: Fixed a Use-After-Free vulnerability in RAR decoder bsc1120654. - CVE-2019-1000019: Fixed an Out-Of-Bounds Read...

SUSE SLED15 / SLES15 Security Update : libarchive (SUSE-SU-2019:3093-1)

This update for libarchive fixes the following issues : Security issues fixed : CVE-2018-1000877: Fixed a double free vulnerability in RAR decoder bsc1120653. CVE-2018-1000878: Fixed a Use-After-Free vulnerability in RAR decoder bsc1120654. CVE-2019-1000019: Fixed an Out-Of-Bounds Read...

SUSE SLED12 / SLES12 Security Update : libarchive (SUSE-SU-2019:3092-1)

This update for libarchive fixes the following issues : Security issues fixed : CVE-2018-1000877: Fixed a double free vulnerability in RAR decoder bsc1120653. CVE-2018-1000878: Fixed a Use-After-Free vulnerability in RAR decoder bsc1120654. CVE-2019-1000019: Fixed an Out-Of-Bounds Read...

Amazon Linux 2 : libarchive (ALAS-2019-1325)

libarchive 3.3.2 suffers from an out-of-bounds read within lhareaddatanone in archivereadsupportformatlha.c when extracting a specially crafted lha archive, related to lhacrc16.CVE-2017-14503 libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards release v3.1.0 onwards contain...

Medium: libarchive

Issue Overview: libarchive 3.3.2 suffers from an out-of-bounds read within lhareaddatanone in archivereadsupportformatlha.c when extracting a specially crafted lha archive, related to lhacrc16.CVE-2017-14503 libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards release v3.1.0...