Lucene search
+L

3172 matches found

redhat
redhat
added 4 days ago5 views

Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs Security Update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: libarchive: bsdcat-3.8.8-2.1.hum1 aarch64, x8664 bsdcpio-3.8.8-2.1.hum1 aarch64, x8664 bsdtar-3.8.8-2.1.hum1 aarch64, x8664 bsdunzip-3.8.8-2.1.hum1 aarch64, x8664 libarchive-3.8.8-2.1.hum1 aarch6...

3.9CVSS6.1AI score0.00203EPSS
Exploits0References3
redhat
redhat
added 4 days ago5 views

libarchive: heap overflow OOB read while parsing a tar archive contains a PAX extended header

A flaw was found in libarchive. This vulnerability allows a remote attacker to trigger a heap overflow by providing a specially crafted tar archive. The issue occurs during the parsing of a PAX extended header containing a malformed SUN.holesdata sparse-file attribute. Successful exploitation cou...

3.9CVSS6.2AI score0.00203EPSS
Exploits0References6
mageia
mageia
added 5 days ago5 views

Updated libarchive packages fix security vulnerabilities

The updated packages fix bugs including security ones...

9.8CVSS6.7AI score0.01073EPSS
Exploits1References2
osv
osv
added 5 days ago1 views

MGASA-2026-0241 Updated libarchive packages fix security vulnerabilities

The updated packages fix bugs including security ones...

9.8CVSS6.7AI score0.01073EPSS
Exploits1References3
nvd
nvd
added 6 days ago7 views

CVE-2026-15028

A flaw was found in libarchive. This vulnerability allows a remote attacker to trigger a heap overflow by providing a specially crafted tar archive. The issue occurs during the parsing of a PAX extended header containing a malformed SUN.holesdata sparse-file attribute. Successful exploitation cou...

3.9CVSS0.00203EPSS
Exploits0References5
osv
osv
added 6 days ago3 views

UBUNTU-CVE-2026-15028

A flaw was found in libarchive. This vulnerability allows a remote attacker to trigger a heap overflow by providing a specially crafted tar archive. The issue occurs during the parsing of a PAX extended header containing a malformed SUN.holesdata sparse-file attribute. Successful exploitation cou...

3.9CVSS6.2AI score0.00203EPSS
Exploits0References4
attackerkb
attackerkb
added 6 days ago7 views

CVE-2026-15028

A flaw was found in libarchive. This vulnerability allows a remote attacker to trigger a heap overflow by providing a specially crafted tar archive. The issue occurs during the parsing of a PAX extended header containing a malformed SUN.holesdata sparse-file attribute. Successful exploitation cou...

3.9CVSS6.2AI score0.00203EPSS
Exploits0References6
vulnrichment
vulnrichment
added 6 days ago7 views

CVE-2026-15028 Libarchive: heap overflow oob read while parsing a tar archive contains a pax extended header

A flaw was found in libarchive. This vulnerability allows a remote attacker to trigger a heap overflow by providing a specially crafted tar archive. The issue occurs during the parsing of a PAX extended header containing a malformed SUN.holesdata sparse-file attribute. Successful exploitation cou...

3.9CVSS6.2AI score0.00203EPSS
Exploits0References5
euvd
euvd
added 6 days ago9 views

EUVD-2026-42865

A flaw was found in libarchive. This vulnerability allows a remote attacker to trigger a heap overflow by providing a specially crafted tar archive. The issue occurs during the parsing of a PAX extended header containing a malformed SUN.holesdata sparse-file attribute. Successful exploitation cou...

3.9CVSS6.2AI score0.00203EPSS
Exploits0References4
cvelist
cvelist
added 6 days ago39 views

CVE-2026-15028 Libarchive: heap overflow oob read while parsing a tar archive contains a pax extended header

A flaw was found in libarchive. This vulnerability allows a remote attacker to trigger a heap overflow by providing a specially crafted tar archive. The issue occurs during the parsing of a PAX extended header containing a malformed SUN.holesdata sparse-file attribute. Successful exploitation cou...

3.9CVSS0.00203EPSS
Exploits0References5
cve
cve
added 6 days ago16 views

CVE-2026-15028

In libarchive, CVE-2026-15028 describes a heap overflow triggered while parsing a tar archive’s PAX extended header with a malformed SUN.holesdata sparse-file attribute. The vulnerability is exploitable remotely to cause DoS or potentially arbitrary code execution on affected systems. The root ca...

3.9CVSS6.2AI score0.00203EPSS
Exploits0References5
redhatcve
redhatcve
added 6 days ago8 views

CVE-2026-15028

A flaw was found in libarchive. This vulnerability allows a remote attacker to trigger a heap overflow by providing a specially crafted tar archive. The issue occurs during the parsing of a PAX extended header containing a malformed SUN.holesdata sparse-file attribute. Successful exploitation cou...

3.9CVSS6.2AI score0.00203EPSS
Exploits0References5
nessus
nessus
added 6 days ago5 views

Linux Distros Unpatched Vulnerability : CVE-2026-15028

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libarchive. This vulnerability allows a remote attacker to trigger a heap overflow by providing a specially crafted tar archive. The issue...

3.9CVSS6.3AI score0.00203EPSS
Exploits0References3
ptsecurity
ptsecurity
added 6 days ago8 views

PT-2026-57143

Name of the Vulnerable Software and Affected Versions libarchive affected versions not specified Description A flaw in the parsing of a PAX extended header allows a remote attacker to trigger a heap overflow by providing a specially crafted tar archive. The issue specifically occurs when processi...

3.9CVSS6.3AI score0.00203EPSS
Exploits0References11
osv
osv
added 2026/07/09 12:49 p.m.3 views

OESA-2026-2890 libarchive security update

is an open-source BSD-licensed C programming library that provides streaming access to a variety of different archive formats, including tar, cpio, pax, zip, and ISO9660 images. The distribution also includes bsdtar and bsdcpio, full-featured implementations of tar and cpio that use . Security...

7.5CVSS6AI score0.0035EPSS
Exploits0References2
osv
osv
added 2026/07/09 12:49 p.m.3 views

OESA-2026-2889 libarchive security update

is an open-source BSD-licensed C programming library that provides streaming access to a variety of different archive formats, including tar, cpio, pax, zip, and ISO9660 images. The distribution also includes bsdtar and bsdcpio, full-featured implementations of tar and cpio that use . Security...

7.5CVSS6AI score0.0035EPSS
Exploits0References2
osv
osv
added 2026/07/09 12:49 p.m.1 views

OESA-2026-2888 libarchive security update

is an open-source BSD-licensed C programming library that provides streaming access to a variety of different archive formats, including tar, cpio, pax, zip, and ISO9660 images. The distribution also includes bsdtar and bsdcpio, full-featured implementations of tar and cpio that use . Security...

7.5CVSS6AI score0.0035EPSS
Exploits0References2
osv
osv
added 2026/07/09 12:49 p.m.3 views

OESA-2026-2887 libarchive security update

is an open-source BSD-licensed C programming library that provides streaming access to a variety of different archive formats, including tar, cpio, pax, zip, and ISO9660 images. The distribution also includes bsdtar and bsdcpio, full-featured implementations of tar and cpio that use . Security...

7.5CVSS6AI score0.0035EPSS
Exploits0References2
osv
osv
added 2026/07/03 11:46 a.m.4 views

SUSE-SU-2026:2747-1 Security update for libarchive

This update for libarchive fixes the following issues - CVE-2025-60753: bsdtar hangs and OOMs with zero-length pattern matches bsc1253088. - CVE-2026-4424: information disclosure via heap out-of-bounds read in RAR archive processing bsc1259928. - CVE-2026-4426: undefined behavior due to unvalidat...

9.8CVSS7.4AI score0.01073EPSS
Exploits1References9
nvd
nvd
added 2026/06/30 7:16 a.m.26 views

CVE-2026-14164

A double free issue has been identified in libarchive's RAR5 reader. During parsing of a specially crafted RAR5 archive, the filteredbuf pointer may remain stale after being freed during unpacking state reinitialization. Subsequent processing of another archive entry can trigger a second free of...

7.5CVSS0.0035EPSS
Exploits0References5
Rows per page
Query Builder