Lucene search
K

116 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.19 views

RHEL 9 : libarchive (RHSA-2026:24383)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:24383 advisory. The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM...

7.8CVSS7.6AI score0.00329EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/05/28 5:59 a.m.37 views

CVE-2026-44604 Rpm: command injection in rpmuncompress dountar() via unescaped archive top-level directory name in popen() shell command

A command injection vulnerability was discovered in the rpmuncompress utility of RPM. When extracting certain archive formats ZIP, 7z, GEM to a specified destination directory, the tool inserts the archive's top-level folder name into a shell command without properly sanitizing it. A specially...

7CVSS0.00547EPSS
Exploits0References3
CVE
CVE
added 2026/05/28 5:59 a.m.23 views

CVE-2026-44604

CVE-2026-44604 affects the RPM rpmuncompress utility. The vulnerability arises when extracting ZIP, 7z, or GEM archives to a destination directory: the archive’s top-level folder name is inserted into a shell command without proper sanitization, allowing a crafted archive with shell metacharacter...

7CVSS6AI score0.00547EPSS
Exploits0References3
Fedora
Fedora
added 2026/04/28 1:35 a.m.7 views

[SECURITY] Fedora 44 Update: libarchive-3.8.7-1.fc44

Libarchive is a programming library that can create and read several different streaming archive formats, including most popular tar variants, several cpio formats, and both BSD and GNU ar variants. It can also write shar archives and read ISO9660 CDROM images and ZIP archives...

9.8CVSS5.2AI score0.01073EPSS
Exploits0
Fedora
Fedora
added 2026/04/25 1:51 a.m.8 views

[SECURITY] Fedora 44 Update: libarchive-3.8.6-1.fc44

Libarchive is a programming library that can create and read several different streaming archive formats, including most popular tar variants, several cpio formats, and both BSD and GNU ar variants. It can also write shar archives and read ISO9660 CDROM images and ZIP archives...

7.5CVSS5.2AI score0.00693EPSS
Exploits0
Cvelist
Cvelist
added 2026/04/20 2:55 p.m.31 views

CVE-2026-3219 pip doesn't reject concatenated ZIP and tar archives

pip handles concatenated tar and ZIP files as ZIP files regardless of filename or whether a file is both a tar and ZIP file. This behavior could result in confusing installation behavior, such as installing "incorrect" files according to the filename of the archive. New behavior only proceeds wit...

4.6CVSS0.00144EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/20 2:55 p.m.7 views

CVE-2026-3219

pip handles concatenated tar and ZIP files as ZIP files regardless of filename or whether a file is both a tar and ZIP file. This behavior could result in confusing installation behavior, such as installing "incorrect" files according to the filename of the archive. New behavior only proceeds wit...

4.6CVSS5.7AI score0.00144EPSS
Exploits0References3
Rockylinux
Rockylinux
added 2026/04/18 12:0 p.m.7 views

libarchive security update

An update is available for libarchive. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libarchive programming library can create and read several different...

9.8CVSS6.2AI score0.01073EPSS
Exploits0
CNNVD
CNNVD
added 2026/03/05 12:0 a.m.12 views

OpenClaw 安全漏洞

OpenClaw is a tool for working with archived files. A denial of service vulnerability exists in OpenClaw. An attacker can exploit this vulnerability to exhaust CPU, memory, and disk resources via a highly inflated ZIP/TAR archive file, resulting in service degradation or system unavailability...

6.7CVSS5.8AI score0.00319EPSS
Exploits0References4
Snyk
Snyk
added 2026/02/18 12:52 a.m.3 views

Allocation of Resources Without Limits or Throttling

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the extractArchive function in src/infra/archive.ts. An attacker can cause excessive resource consumption by submitting specially...

8.7CVSS5.6AI score0.00436EPSS
Exploits0References2
NVD
NVD
added 2026/01/29 10:15 p.m.8 views

CVE-2026-24846

malcontent discovers supply-chain compromises through. context, differential analysis, and YARA. Starting in version 1.8.0 and prior to version 1.20.3, malcontent could be made to create symlinks outside the intended extraction directory when scanning a specially crafted tar or deb archive. The...

5.5CVSS0.00167EPSS
Exploits0References3
Snyk
Snyk
added 2026/01/29 10:5 p.m.3 views

Function Call With Incorrect Order of Arguments

Overview Affected versions of this package are vulnerable to Function Call With Incorrect Order of Arguments via the handleSymlink function. An attacker can create symlinks outside the intended extraction directory by providing a specially crafted tar or deb archive that exploits argument confusi...

6.7CVSS5.9AI score0.00167EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2008-7103

Malware in sbrugna...

10CVSS6.4AI score0.02266EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2010-1453

Malware in sbrugna...

5CVSS6.4AI score0.02151EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2005-3193

Malware in sbrugna...

5.1CVSS6.4AI score0.03087EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2006-2520

Malware in sbrugna...

5CVSS6.4AI score0.02043EPSS
Exploits1References9
OSV
OSV
added 2025/10/04 12:11 a.m.3 views

RLSA-2025:14130 Important: libarchive security update

The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file...

7.3CVSS7.1AI score0.00326EPSS
Exploits2References2
OSV
OSV
added 2025/10/04 12:11 a.m.4 views

RLSA-2025:9431 Moderate: libarchive security update

The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file...

4CVSS4.5AI score0.00329EPSS
Exploits1References2
Rockylinux
Rockylinux
added 2025/10/03 7:56 p.m.5 views

libarchive security update

An update is available for libarchive. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libarchive programming library can create and read several different...

7.8CVSS6.6AI score0.00329EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2025/08/31 12:0 a.m.1 views

RHEL 8 : libarchive (RHSA-2025:14810)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:14810 advisory. The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM...

7.8CVSS6.6AI score0.00326EPSS
Exploits2References4
Rows per page
Query Builder