3 matches found
Amazon Linux 2022 : bsdcat, bsdcpio, bsdtar (ALAS2022-2022-059)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-059 advisory. An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. An attacker may provid...
CVE-2021-36976
libarchive 3.4.1 through 3.5.1 has a use-after-free in copystring called from douncompressblock and processblock...
CVE-2021-36976
libarchive 3.4.1 through 3.5.1 has a use-after-free in copystring called from douncompressblock and processblock...