Lucene search
K

65 matches found

Oracle linux
Oracle linux
added 2019/11/14 12:0 a.m.30 views

libarchive security and bug fix update

3.3.2-7 - fix use-after-free in delayed newc link processing 1602575 - fix a few obvious resource leaks and strcpy misuses 1602575 3.3.2-6 - fixed use after free in RAR decoder 1700752 - fixed double free in RAR decoder 1700753 3.3.2-5 - release bump due to gating 1680768 3.3.2-4 - fix...

8.8CVSS0.2AI score0.04575EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2019/11/05 10:28 p.m.4 views

libarchive: Use after free in RAR decoder resulting in a denial of service

libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards release v3.1.0 onwards contains a CWE-416: Use After Free vulnerability in RAR decoder - libarchive/archivereadsupportformatrar.c that can result in Crash/DoS - it is unknown if RCE is possible. This attack appear to be...

8.8CVSS6.5AI score0.04449EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2019/11/05 10:28 p.m.8 views

libarchive: Double free in RAR decoder resulting in a denial of service

libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards release v3.1.0 onwards contains a CWE-415: Double Free vulnerability in RAR decoder - libarchive/archivereadsupportformatrar.c, parsecodes, reallocrar-lzss.window, newsize with newsize = 0 that can result in Crash/DoS. Thi...

8.8CVSS6.5AI score0.04575EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2019/11/05 10:28 p.m.67 views

Moderate: Red Hat Security Advisory: libarchive security and bug fix update

An update for libarchive is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

8.8CVSS6.6AI score0.04575EPSS
Exploits1References7
Amazon
Amazon
added 2019/10/21 12:0 a.m.35 views

Medium: libarchive

Issue Overview: libarchive 3.3.2 suffers from an out-of-bounds read within lhareaddatanone in archivereadsupportformatlha.c when extracting a specially crafted lha archive, related to lhacrc16.CVE-2017-14503 libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards release v3.1.0...

8.8CVSS7.4AI score0.04575EPSS
Exploits1
Cent OS
Cent OS
added 2019/08/30 3:11 a.m.198 views

bsdcpio, bsdtar, libarchive security update

CentOS Errata and Security Advisory CESA-2019:2298 An update for libarchive is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severi...

8.8CVSS6.5AI score0.04575EPSS
Exploits1References7
ALT Linux
ALT Linux
added 2019/08/22 12:0 a.m.59 views

Security fix for the ALT Linux 10 package libarchive version 3.4.0-alt1

Aug. 22, 2019 Aleksei Nikiforov 3.4.0-alt1 - Updated to upstream version 3.4.0. - Fixes: + CVE-2018-1000877 Double Free vulnerability in RAR decoder + CVE-2018-1000878 Use After Free vulnerability in RAR decoder + CVE-2018-1000879 NULL Pointer Dereference vulnerability in ACL parser +...

6.8CVSS7.7AI score0.04575EPSS
Exploits1
Oracle linux
Oracle linux
added 2019/08/13 12:0 a.m.44 views

libarchive security update

3.1.2-12 - fixed use after free in RAR decoder 1700749 - fixed double free in RAR decoder 1700748 3.1.2-11 - fix out-of-bounds read within lhareaddatanone CVE-2017-14503 - fix crash on crafted 7zip archives CVE-2019-1000019 - fix infinite loop in ISO9660 CVE-2019-1000020...

8.8CVSS1AI score0.04575EPSS
Exploits1
Veracode
Veracode
added 2019/08/08 12:8 a.m.29 views

Denial Of Service (DoS)

libarchive is vulnerable to denial of service DoS. It is possible due to use after free in RAR decoder...

8.8CVSS2.4AI score0.04449EPSS
Exploits0References20Affected Software1
RedHat Linux
RedHat Linux
added 2019/08/06 1:39 p.m.17 views

libarchive: Double free in RAR decoder resulting in a denial of service

libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards release v3.1.0 onwards contains a CWE-415: Double Free vulnerability in RAR decoder - libarchive/archivereadsupportformatrar.c, parsecodes, reallocrar-lzss.window, newsize with newsize = 0 that can result in Crash/DoS. Thi...

8.8CVSS6.5AI score0.04575EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2019/05/14 12:21 p.m.37 views

CVE-2018-10115

Incorrect initialization logic of RAR decoder objects in 7-Zip 18.03 and before can lead to usage of uninitialized memory, allowing remote attackers to cause a denial of service segmentation fault or execute arbitrary code via a crafted RAR archive...

9.8CVSS7.6AI score0.04666EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2019/05/14 12:0 a.m.38 views

EulerOS Virtualization for ARM 64 3.0.1.0 : libarchive (EulerOS-SA-2019-1390)

According to the versions of the libarchive package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards release v3.1.0 onwards contains a CWE-41...

8.8CVSS6.4AI score0.04575EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/04/15 12:0 a.m.36 views

openSUSE Security Update : libarchive (openSUSE-2019-1196)

This update for libarchive fixes the following issues : Security issues fixed : - CVE-2018-1000877: Fixed a double free vulnerability in RAR decoder bsc1120653 - CVE-2018-1000878: Fixed a Use-After-Free vulnerability in RAR decoder bsc1120654 - CVE-2018-1000879: Fixed a NULL pointer Dereference...

8.8CVSS6.2AI score0.04575EPSS
Exploits1References12
OSV
OSV
added 2019/04/12 7:23 a.m.12 views

OPENSUSE-SU-2019:1196-1 Security update for libarchive

This update for libarchive fixes the following issues: Security issues fixed: - CVE-2018-1000877: Fixed a double free vulnerability in RAR decoder bsc1120653 - CVE-2018-1000878: Fixed a Use-After-Free vulnerability in RAR decoder bsc1120654 - CVE-2018-1000879: Fixed a NULL Pointer Dereference...

8.8CVSS7.6AI score0.04575EPSS
Exploits1References13
OPENSUSE Linux
OPENSUSE Linux
added 2019/04/12 12:0 a.m.239 views

Security update for libarchive (moderate)

openSUSE Security Update: Security update for libarchive Announcement ID: openSUSE-SU-2019:1196-1 Rating: moderate References: 1120653 1120654 1120656 1120659 1124341 1124342 Cross-References: CVE-2018-1000877 CVE-2018-1000878 CVE-2018-1000879 CVE-2018-1000880 CVE-2019-1000019 CVE-2019-1000020...

8.8CVSS6.6AI score0.04575EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2019/04/02 12:0 a.m.33 views

SUSE SLED15 / SLES15 Security Update : libarchive (SUSE-SU-2019:0831-1)

This update for libarchive fixes the following issues : Security issues fixed : CVE-2018-1000877: Fixed a double free vulnerability in RAR decoder bsc1120653 CVE-2018-1000878: Fixed a Use-After-Free vulnerability in RAR decoder bsc1120654 CVE-2018-1000879: Fixed a NULL pointer Dereference...

8.8CVSS6.3AI score0.04575EPSS
Exploits1References19
OSV
OSV
added 2019/04/01 11:58 a.m.6 views

SUSE-SU-2019:0831-1 Security update for libarchive

This update for libarchive fixes the following issues: Security issues fixed: - CVE-2018-1000877: Fixed a double free vulnerability in RAR decoder bsc1120653 - CVE-2018-1000878: Fixed a Use-After-Free vulnerability in RAR decoder bsc1120654 - CVE-2018-1000879: Fixed a NULL Pointer Dereference...

8.8CVSS7.5AI score0.04575EPSS
Exploits1References13
Tenable Nessus
Tenable Nessus
added 2019/03/26 12:0 a.m.36 views

EulerOS 2.0 SP3 : libarchive (EulerOS-SA-2019-1094)

According to the versions of the libarchive package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards release v3.1.0 onwards contains a CWE-415: Double Free vulnerabili...

8.8CVSS6.3AI score0.04575EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/03/08 12:0 a.m.36 views

EulerOS 2.0 SP5 : libarchive (EulerOS-SA-2019-1067)

According to the versions of the libarchive package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards release v3.1.0 onwards contains a CWE-415: Double Free vulnerabili...

8.8CVSS6.3AI score0.04575EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2019/01/07 9:52 a.m.28 views

CVE-2018-1000877

libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards release v3.1.0 onwards contains a CWE-415: Double Free vulnerability in RAR decoder - libarchive/archivereadsupportformatrar.c, parsecodes, reallocrar-lzss.window, newsize with newsize = 0 that can result in Crash/DoS. Thi...

8.8CVSS5.4AI score0.04575EPSS
Exploits0References2
Rows per page
Query Builder