Cross-site Request Forgery (CSRF)

Overview Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF through the endpoints listed below. An attacker can manipulate user data or configuration settings, and perform unauthorized actions by convincing users to follow malicious links that execute unintended...

SUSE CVE-2015-8921

The aestrtofflags function in archiveentry.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service out-of-bounds read via a crafted mtree file...

DEBIAN-CVE-2015-8921

The aestrtofflags function in archiveentry.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service out-of-bounds read via a crafted mtree file...

Oracle Linux 7 : libarchive (ELSA-2016-1844)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2016-1844 advisory. - Fixes variation of CVE-2016-5418: Hard links could include '..' in their path. - Fixes CVE-2016-5418: Archive Entry with type 1 hardlink causes file...