18 matches found
K000148256: libarchive vulnerability CVE-2018-1000880
Security Advisory Description libarchive version commit 9693801580c0cf7c70e862d305270a16b52826a7 onwards release v3.2.0 onwards contains a CWE-20: Improper Input Validation vulnerability in WARC parser - libarchive/archivereadsupportformatwarc.c, warcread that can result in DoS - quasi-infinite r...
RHEL 8 : libarchive (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libarchive: heap-based buffer overflow in archivestringappendfromwcs function in archivestring.c...
SUSE: Security Advisory (SUSE-SU-2019:0831-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security fix for the ALT Linux 10 package libarchive version 3.4.0-alt1
Aug. 22, 2019 Aleksei Nikiforov 3.4.0-alt1 - Updated to upstream version 3.4.0. - Fixes: + CVE-2018-1000877 Double Free vulnerability in RAR decoder + CVE-2018-1000878 Use After Free vulnerability in RAR decoder + CVE-2018-1000879 NULL Pointer Dereference vulnerability in ACL parser +...
[ASA-201906-21] libarchive: multiple issues
Arch Linux Security Advisory ASA-201906-21 ========================================== Severity: High Date : 2019-06-25 CVE-ID : CVE-2018-1000877 CVE-2018-1000878 CVE-2018-1000879 CVE-2018-1000880 CVE-2019-1000019 CVE-2019-1000020 Package : libarchive Type : multiple issues Remote : No Link :...
Photon OS 3.0: Libarchive PHSA-2019-3.0-0015
An update of the libarchive package has been released. C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-3.0-0015. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid126114;...
Fedora 30 : libarchive (2019-fbe83d0e32)
Security fix for CVE-2018-1000877 CVE-2018-1000878 CVE-2018-1000879 CVE-2018-1000880 ---- Applied various flaws from upsteam Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clea...
Fedora 28 : libarchive (2019-c595a93536)
Security fix for CVE-2018-1000877 CVE-2018-1000878 CVE-2018-1000879 CVE-2018-1000880 ---- Applied various flaws from upsteam Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clea...
Fedora 29 : libarchive (2019-0233ec0ff3)
Security fix for CVE-2018-1000877 CVE-2018-1000878 CVE-2018-1000879 CVE-2018-1000880 ---- Applied various flaws from upsteam Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clea...
USN-3859-1: libarchive vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description It was discovered that libarchive incorrectly handled certain archive files. An attacker could possibly use this issue to cause a denial of service...
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : libarchive vulnerabilities (USN-3859-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3859-1 advisory. It was discovered that libarchive incorrectly handled certain archive files. An attacker could possibly use this issue to cause a...
Ubuntu: Security Advisory (USN-3859-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-3859-1: libarchive vulnerabilities
It was discovered that libarchive incorrectly handled certain archive files. An attacker could possibly use this issue to cause a denial of service. CVE-2018-1000880 affected only Ubuntu 18.04 LTS and Ubuntu 18.10. CVE-2018-1000877, CVE-2018-1000878, CVE-2018-1000880 It was discovered that...
Updated libarchive packages fix security vulnerabilities
readheader in archivereadsupportformatrar.c in libarchive 3.3.2 suffers from an off-by-one error for UTF-16 names in RAR archives, leading to an out-of-bounds read in archivereadformatrarreadheader CVE-2017-14502. Multiple security issues were found in libarchive: Processing malformed RAR archive...
Debian DSA-4360-1 : libarchive - security update
Multiple security issues were found in libarchive, a multi-format archive and compression library: Processing malformed RAR archives could result in denial of service or the execution of arbitrary code and malformed WARC, LHarc, ISO, Xar or CAB archives could result in denial of service. C Tenabl...
[SECURITY] [DSA 4360-1] libarchive security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4360-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 27, 2018 https://www.debian.org/security/faq -...
Debian: Security Advisory (DSA-4360-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2018-1000880
libarchive version commit 9693801580c0cf7c70e862d305270a16b52826a7 onwards release v3.2.0 onwards contains a CWE-20: Improper Input Validation vulnerability in WARC parser - libarchive/archivereadsupportformatwarc.c, warcread that can result in DoS - quasi-infinite run time and disk usage from ti...