6 matches found
Fedora 30 : xar (2020-bbd24dd0cf)
The remote Fedora 30 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2020-bbd24dd0cf advisory. - Use Apple upstream instead of non-fresh Github one - New upstream in 1.8 dev branch with 417.1 subversion - Close CVE-2018-17093 - Close...
Fedora: Security Advisory for xar (FEDORA-2020-bbd24dd0cf)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2018-17094
CVE-2018-17094 is a duplicate of CVE-2017-11124. The connected data identify the underlying issue as a NULL pointer dereference in xar_unserialize (archive.c) within libxar.so used by the xar package. Fedora advisories reference remediation by upgrading xar to a newer upstream: 1.8.x releases (ex...
CVE-2017-11124
libxar.so in xar 1.6.1 has a NULL pointer dereference in the xarunserialize function in archive.c...
CVE-2017-11124
CVE-2017-11124 concerns the XAR project: libxar.so in xar 1.6.1 contains a NULL pointer dereference in the xar_unserialize function (archive.c). The connected records corroborate the CVE across NVD entries and Fedora advisories, noting the issue alongside related CVEs in xar releases and updates ...
CVE-2017-11124
libxar.so in xar 1.6.1 has a NULL pointer dereference in the xarunserialize function in archive.c...