18 matches found
EUVD-2024-54322
Malicious code in bioql PyPI...
Vulnerability in the header_pax_extension function at rchive_read_support_format_tar.c:1844:8 in the libarchive library, which allows an attacker to trigger a denial of service.
Vulnerability in the header_pax_extension function in the rchive_read_support_format_tar.c component (line 1844, character 8) of the libarchive compression library, related to a null pointer dereference. Exploitation of this vulnerability could allow an attacker to cause service failures remotely...
Linux Distros Unpatched Vulnerability : CVE-2023-39804
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In GNU tar before 1.35, mishandled extension attributes in a PAX archive can lead to an application crash in xheader.c. CVE-2023-39804 Note that Nessus relies o...
ROS-20250819-04
A vulnerability in the libarchive library for reading and writing archives in different formats is related to a null pointer dereference in the header_pax_extension function at rchive_read_support_format_tar.c:1844:8. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a...
Null Pointer Dereference vulnerability in libarchive 3.7.6 and earlier when running program bsdtar in function header_pax_extension at rchive_read_support_format_tar.c:1844:8.
CVE-2024-48615
Null Pointer Dereference vulnerability in libarchive 3.7.6 and earlier when running program bsdtar in function header_pax_extension at rchive_read_support_format_tar.c:1844:8...
AZL-59385 CVE-2024-48615 affecting package cmake for versions less than 3.30.3-6
Null Pointer Dereference vulnerability in libarchive 3.7.6 and earlier when running program bsdtar in function header_pax_extension at rchive_read_support_format_tar.c:1844:8...
NULL Pointer Dereference
Overview: Affected versions of this package are vulnerable to NULL Pointer Dereference via the header_pax_extension function. An attacker can cause a system crash by providing a specially crafted TAR archive. Remediation: Upgrade libarchive to version 3.8.1 or higher. References: - GitHub Issue - GitH...
PT-2025-13531 · Unknown +1 · Libarchive +1
Name of the Vulnerable Software and Affected Versions: libarchive versions 3.7.6 and earlier. Description: The issue is related to a Null Pointer Dereference in the header_pax_extension function at rchive_read_support_format_tar.c:1844:8 when running the bsdtar program. Recommendations: For...
AZL-52625 CVE-2023-39804 affecting package tar for versions less than 1.34-3
In GNU tar before 1.35, mishandled extension attributes in a PAX archive can lead to an application crash in xheader.c...
UBUNTU-CVE-2023-39804
In GNU tar before 1.35, mishandled extension attributes in a PAX archive can lead to an application crash in xheader.c...
FreeBSD Security Advisory (FreeBSD-SA-07:05.libarchive.asc)
The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-07:05.libarchive.asc. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s)...
Debian DSA-1455-1 : libarchive - denial of service
Several local/remote vulnerabilities have been discovered in libarchive1, a single library to read/write tar, cpio, pax, zip, iso9660 archives. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-3641 It was discovered that libarchive1 would miscompute...
GLSA-200708-03 : libarchive (formerly named as bsdtar): Multiple PaX Extension Header Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200708-03 (libarchive (formerly named as bsdtar): Multiple PaX Extension Header Vulnerabilities). CPNI, CERT-FI, Tim Kientzle, and Colin Percival reported a buffer overflow (CVE-2007-3641), an infinite loop (CVE-2007-3644), and a NULL...
CVE-2007-3645
archive_read_support_format_tar.c in libarchive before 2.2.4 allows user-assisted remote attackers to cause a denial of service (crash) via (1) an end-of-file condition within a tar header that follows a pax extension header or (2) a malformed pax extension header in an (a) PAX or a (b) TAR archive, which...
CVE-2007-3644
archive_read_support_format_tar.c in libarchive before 2.2.4 allows user-assisted remote attackers to cause a denial of service (infinite loop) via (1) an end-of-file condition within a pax extension header or (2) a malformed pax extension header in an (a) PAX or a (b) TAR archive...