Lucene search
+L

235 matches found

Redos
Redos
added 2022/12/16 12:0 a.m.37 views

ROS-20221216-01

A vulnerability in the libarchive archiving library is related to the lack of error checking after the call to the calloc function, which may return with a NULL pointer in case of a function crash, resulting in a NULL pointer dereference. resultant dereferencing of the NULL pointer. Exploitation ...

9.8CVSS8.8AI score0.01936EPSS
Exploits0
Mageia
Mageia
added 2022/12/13 10:9 p.m.63 views

Updated libarchive packages fix security vulnerability

In libarchive 3.6.1, the software does not check for an error after calling calloc function that can return with a NULL pointer if the function fails, which leads to a resultant NULL pointer dereference. CVE-2022-36227...

9.8CVSS9.1AI score0.01936EPSS
Exploits0References3
OSV
OSV
added 2022/12/02 11:4 a.m.3 views

OESA-2022-2126 libarchive security update

is an open-source BSD-licensed C programming library that provides streaming access to a variety of different archive formats, including tar, cpio, pax, zip, and ISO9660 images. The distribution also includes bsdtar and bsdcpio, full-featured implementations of tar and cpio that use . Security...

9.8CVSS7.1AI score0.01936EPSS
Exploits0References2
OSV
OSV
added 2022/12/02 11:4 a.m.3 views

OESA-2022-2124 libarchive security update

is an open-source BSD-licensed C programming library that provides streaming access to a variety of different archive formats, including tar, cpio, pax, zip, and ISO9660 images. The distribution also includes bsdtar and bsdcpio, full-featured implementations of tar and cpio that use . Security...

9.8CVSS7.1AI score0.01936EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2022/11/29 8:0 a.m.4 views

In libarchive before 3.6.2 the software does not check for an error after calling calloc function that can return with a NULL pointer if the function fails which leads to a resultant NULL pointer dereference. NOTE: the discoverer cites this CWE-476 remark but third parties dispute the code-execution impact: "In rare circumstances when NULL is equivalent to the 0x0 memory address and privileged code can access it then writing or reading memory is possible which may lead to code execution."

...

9.8CVSS7.5AI score0.01936EPSS
Exploits0
CNVD
CNVD
added 2022/11/24 12:0 a.m.39 views

Libarchive Code Execution Vulnerability

libarchive is a multi-format archive and compression library. libarchive A code execution vulnerability exists in libarchive version 3.6.1, which stems from a failure to check for errors after calling the calloc function, i.e., if the function fails, the calloc function returns a NULL pointer,...

9.8CVSS8.4AI score0.01936EPSS
Exploits0References1
NVD
NVD
added 2022/11/22 2:15 a.m.21 views

CVE-2022-36227

In libarchive before 3.6.2, the software does not check for an error after calling calloc function that can return with a NULL pointer if the function fails, which leads to a resultant NULL pointer dereference. NOTE: the discoverer cites this CWE-476 remark but third parties dispute the...

9.8CVSS0.01936EPSS
Exploits0References7
OSV
OSV
added 2022/11/22 2:15 a.m.3 views

ALPINE-CVE-2022-36227

In libarchive before 3.6.2, the software does not check for an error after calling calloc function that can return with a NULL pointer if the function fails, which leads to a resultant NULL pointer dereference. NOTE: the discoverer cites this CWE-476 remark but third parties dispute the...

9.8CVSS7AI score0.01936EPSS
Exploits0References1
OSV
OSV
added 2022/11/22 2:15 a.m.2 views

DEBIAN-CVE-2022-36227

In libarchive before 3.6.2, the software does not check for an error after calling calloc function that can return with a NULL pointer if the function fails, which leads to a resultant NULL pointer dereference. NOTE: the discoverer cites this CWE-476 remark but third parties dispute the...

9.8CVSS6.9AI score0.01936EPSS
Exploits0References1
OSV
OSV
added 2022/11/22 2:15 a.m.5 views

AZL-11470 CVE-2022-36227 affecting package libarchive for versions less than 3.6.1-2

In libarchive before 3.6.2, the software does not check for an error after calling calloc function that can return with a NULL pointer if the function fails, which leads to a resultant NULL pointer dereference. NOTE: the discoverer cites this CWE-476 remark but third parties dispute the...

9.8CVSS6.7AI score0.01936EPSS
Exploits0References1
Prion
Prion
added 2022/11/22 2:15 a.m.24 views

Null pointer dereference

In libarchive before 3.6.2, the software does not check for an error after calling calloc function that can return with a NULL pointer if the function fails, which leads to a resultant NULL pointer dereference. NOTE: the discoverer cites this CWE-476 remark but third parties dispute the...

7.5CVSS9.4AI score0.01936EPSS
Exploits0References6Affected Software3
OSV
OSV
added 2022/11/22 2:15 a.m.3 views

UBUNTU-CVE-2022-36227

In libarchive before 3.6.2, the software does not check for an error after calling calloc function that can return with a NULL pointer if the function fails, which leads to a resultant NULL pointer dereference. NOTE: the discoverer cites this CWE-476 remark but third parties dispute the...

9.8CVSS6.8AI score0.01936EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/11/22 12:0 a.m.3 views

libarchive 代码问题漏洞

libarchive is a multi-format archive and compression library. libarchive A code execution vulnerability exists in libarchive version 3.6.1, which stems from a failure to check for errors after calling the calloc function, i.e., if the function fails, the calloc function returns a NULL pointer,...

9.8CVSS8AI score0.01936EPSS
Exploits0References32
Cvelist
Cvelist
added 2022/11/22 12:0 a.m.36 views

CVE-2022-36227

In libarchive before 3.6.2, the software does not check for an error after calling calloc function that can return with a NULL pointer if the function fails, which leads to a resultant NULL pointer dereference. NOTE: the discoverer cites this CWE-476 remark but third parties dispute the...

9.7AI score0.01936EPSS
Exploits0References6
AlpineLinux
AlpineLinux
added 2022/11/22 12:0 a.m.44 views

CVE-2022-36227

In libarchive before 3.6.2, the software does not check for an error after calling calloc function that can return with a NULL pointer if the function fails, which leads to a resultant NULL pointer dereference. NOTE: the discoverer cites this CWE-476 remark but third parties dispute the...

9.8CVSS9.8AI score0.01936EPSS
Exploits0
Debian CVE
Debian CVE
added 2022/11/22 12:0 a.m.183 views

CVE-2022-36227

In libarchive before 3.6.2, the software does not check for an error after calling calloc function that can return with a NULL pointer if the function fails, which leads to a resultant NULL pointer dereference. NOTE: the discoverer cites this CWE-476 remark but third parties dispute the...

9.8CVSS7.8AI score0.01936EPSS
Exploits0
OSV
OSV
added 2022/07/26 1:15 p.m.2 views

DEBIAN-CVE-2021-33450

An issue was discovered in NASM version 2.16rc0. There are memory leaks in nasmcalloc in nasmlib/alloc.c...

5.5CVSS5.6AI score0.0032EPSS
Exploits1References1
OSV
OSV
added 2022/07/26 1:15 p.m.11 views

AZL-41338 CVE-2021-33450 affecting package nasm 2.16.01-1

An issue was discovered in NASM version 2.16rc0. There are memory leaks in nasmcalloc in nasmlib/alloc.c...

5.5CVSS6AI score0.0032EPSS
Exploits1References1
OSV
OSV
added 2022/07/26 1:15 p.m.4 views

UBUNTU-CVE-2021-33450

An issue was discovered in NASM version 2.16rc0. There are memory leaks in nasmcalloc in nasmlib/alloc.c...

5.5CVSS5.8AI score0.0032EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2022/07/11 12:0 a.m.5 views

PT-2022-6032 · Unknown +9 · Libarchive +9

Name of the Vulnerable Software and Affected Versions: libarchive versions prior to 3.6.2 Description: The issue is related to the calloc function in the libarchive library, which can lead to a NULL pointer dereference if an error occurs after the function is called. This may allow a remote...

10CVSS7.7AI score0.03154EPSS
Exploits3References93
Rows per page
Query Builder