Lucene search
+L

180 matches found

RedHat Linux
RedHat Linux
added 2026/06/26 5:19 p.m.20 views

Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: libarchive: bsdcat-3.8.8-2.hum1 aarch64, x8664 bsdcpio-3.8.8-2.hum1 aarch64, x8664 bsdtar-3.8.8-2.hum1 aarch64, x8664 bsdunzip-3.8.8-2.hum1 aarch64, x8664 libarchive-3.8.8-2.hum1 aarch64, x8664...

7.5CVSS5.8AI score0.0035EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.9 views

EulerOS Virtualization 2.13.0 : libarchive (EulerOS-SA-2026-2172)

According to the versions of the libarchive package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : An issue was discovered in libarchive bsdtar before version 3.8.1 in function applysubstitution in file tar/subst.c when...

5.5CVSS5.5AI score0.00157EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.13 views

EulerOS Virtualization 2.13.1 : libarchive (EulerOS-SA-2026-2133)

According to the versions of the libarchive package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : An issue was discovered in libarchive bsdtar before version 3.8.1 in function applysubstitution in file tar/subst.c when...

5.5CVSS5.5AI score0.00157EPSS
Exploits1References2
OSV
OSV
added 2026/05/16 1:15 a.m.9 views

CLSA-2026-1778894153 libarchive: Fix of CVE-2025-60753

CVE-2025-60753: denial of service in bsdtar -s substitution when the regular expression matches a zero-length string, causing an infinite loop in applysubstitution...

5.5CVSS5.8AI score0.00157EPSS
Exploits1References1
OSV
OSV
added 2026/05/16 1:2 a.m.11 views

CLSA-2026-1778893359 libarchive: Fix of CVE-2025-60753

CVE-2025-60753: denial of service in bsdtar -s substitution when the regular expression matches a zero-length string, causing an infinite loop in applysubstitution...

5.5CVSS5.8AI score0.00157EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2026/05/09 12:0 a.m.9 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: libarchive (UTSA-2026-016794)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016794 advisory. An issue was discovered in libarchive bsdtar before version 3.8.1 in function applysubstitution in file tar/subst.c when processing crafted -s substitution rules. Th...

5.5CVSS5.8AI score0.00157EPSS
Exploits1References4
OSV
OSV
added 2026/04/20 4:58 p.m.9 views

JLSEC-2026-153

An issue was discovered in libarchive bsdtar before version 3.8.1 in function applysubstitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service Out-of-Memory crash...

5.5CVSS6.2AI score0.00157EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2026/04/20 10:34 a.m.2 views

libarchive: A NULL pointer dereference vulnerability exists in the ACL parser of libarchive

A flaw was found in libarchive. A NULL pointer dereference vulnerability exists in the ACL parsing logic, specifically within the archiveaclfromtextnl function. When processing a malformed ACL string such as a bare "d" or "default" tag without subsequent fields, the function fails to perform...

5.5CVSS6AI score0.00163EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/04/20 10:34 a.m.2 views

libarchive: bsdtar hangs and OOMs with zero-length pattern matches

A vulnerability in applysubstitution function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag or an explicitly empty pattern, this leads to...

5.5CVSS6.1AI score0.00157EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.11 views

Oracle Linux 8 : libarchive (ELSA-2026-8534)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-8534 advisory. - Resolves: CVE-2026-4424 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has...

9.8CVSS5.8AI score0.01073EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/16 12:0 a.m.5 views

Oracle Linux 10 : libarchive (ELSA-2026-8492)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-8492 advisory. - Resolves: CVE-2026-4424 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not test...

7.5CVSS5.8AI score0.00882EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/04/14 8:39 a.m.7 views

SUSE CVE-2026-5745

A flaw was found in libarchive. A NULL pointer dereference vulnerability exists in the ACL parsing logic, specifically within the archiveaclfromtextnl function. When processing a malformed ACL string such as a bare "d" or "default" tag without subsequent fields, the function fails to perform...

5.5CVSS5.8AI score0.00163EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/07 6:31 p.m.6 views

EUVD-2026-19705

A flaw was found in libarchive. A NULL pointer dereference vulnerability exists in the ACL parsing logic, specifically within the archiveaclfromtextnl function. When processing a malformed ACL string such as a bare "d" or "default" tag without subsequent fields, the function fails to perform...

5.5CVSS5.9AI score0.00163EPSS
Exploits0References3
NVD
NVD
added 2026/04/07 4:16 p.m.3 views

CVE-2026-5745

A flaw was found in libarchive. A NULL pointer dereference vulnerability exists in the ACL parsing logic, specifically within the archiveaclfromtextnl function. When processing a malformed ACL string such as a bare "d" or "default" tag without subsequent fields, the function fails to perform...

5.5CVSS0.00163EPSS
Exploits0References3
OSV
OSV
added 2026/04/07 4:16 p.m.1 views

DEBIAN-CVE-2026-5745

A flaw was found in libarchive. A NULL pointer dereference vulnerability exists in the ACL parsing logic, specifically within the archiveaclfromtextnl function. When processing a malformed ACL string such as a bare "d" or "default" tag without subsequent fields, the function fails to perform...

5.5CVSS5.4AI score0.00163EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/04/07 4:16 p.m.5 views

CVE-2026-5745

A flaw was found in libarchive. A NULL pointer dereference vulnerability exists in the ACL parsing logic, specifically within the archiveaclfromtextnl function. When processing a malformed ACL string such as a bare "d" or "default" tag without subsequent fields, the function fails to perform...

5.5CVSS5.8AI score0.00163EPSS
Exploits0References2
OSV
OSV
added 2026/04/07 4:16 p.m.5 views

UBUNTU-CVE-2026-5745

A flaw was found in libarchive. A NULL pointer dereference vulnerability exists in the ACL parsing logic, specifically within the archiveaclfromtextnl function. When processing a malformed ACL string such as a bare "d" or "default" tag without subsequent fields, the function fails to perform...

5.5CVSS5.8AI score0.00163EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/07 2:57 p.m.4 views

CVE-2026-5745

A flaw was found in libarchive. A NULL pointer dereference vulnerability exists in the ACL parsing logic, specifically within the archiveaclfromtextnl function. When processing a malformed ACL string such as a bare "d" or "default" tag without subsequent fields, the function fails to perform...

5.5CVSS5.9AI score0.00163EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/04/07 2:57 p.m.8 views

CVE-2026-5745

A flaw was found in libarchive. A NULL pointer dereference vulnerability exists in the ACL parsing logic, specifically within the archiveaclfromtextnl function. When processing a malformed ACL string such as a bare "d" or "default" tag without subsequent fields, the function fails to perform...

5.5CVSS5.8AI score0.00163EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/07 12:0 a.m.11 views

PT-2026-30880

Name of the Vulnerable Software and Affected Versions libarchive affected versions not specified Description A flaw exists in libarchive's ACL parsing logic within the archive acl from text nl function. Insufficient validation when processing malformed ACL strings, such as a bare "d" or "default"...

5.5CVSS5.8AI score0.00163EPSS
Exploits0References12
Rows per page
Query Builder