EulerOS Virtualization 2.12.0 : libarchive (EulerOS-SA-2026-1492)

According to the versions of the libarchive package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : An issue was discovered in libarchive bsdtar before version 3.8.1 in function applysubstitution in file tar/subst.c when...

AZL-57492 CVE-2024-45780 affecting package grub2 for versions less than 2.06-25

A flaw was found in grub2. When reading tar files, grub2 allocates an internal buffer for the file name. However, it fails to properly verify the allocation against possible integer overflows. It's possible to cause the allocation length to overflow with a crafted tar file, leading to a heap...

ROS-2-2179

2.2179 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

containers/storage: DoS via malicious image

A deadlock vulnerability was found in github.com/containers/storage. When a container image is processed, each layer is unpacked using tar. If one of those layers is not a valid tar archive this causes an error leading to an unexpected situation where the code indefinitely waits for the tar...

ROS-2-2128

2.2128 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

ROS-2-2252

2.2252 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

ROS-2-2148

2.2148 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

ROS-2-2150

2.2150 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

ROS-2-2211

2.2211 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

ROS-2-2137

2.2137 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

ROS-2-2187

2.2187 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

GNOME Structured File Library Denial of Service Vulnerability

The GNOME Structured File Library libgsf is an I/O library for working with different structured file formats. A denial of service vulnerability exists in the 'tardirectoryforfile' function of the gsf-infile-tar.c file in the GNOME Structured File Library prior to version 1.14.41. An attacker can...

PT-2016-7862 · Gnome +2 · Gnome Structured File Library +2

Name of the Vulnerable Software and Affected Versions: GNOME Structured File Library versions prior to 1.14.41 Description: The issue is related to an error within the tar directory for file function in the gsf-infile-tar.c file, which can be exploited to trigger a Null pointer dereference, causi...

[Full-disclosure] Avast! AntiVirus TAR Processing Remote Heap Corruption

Avast! AntiVirus TAR Processing Remote Heap Corruption Sowhat of Nevis Labs http://www.nevisnetworks.com http://secway.org/advisory/AD20071206.txt BID: 26702 Vendor: ALWIL Software Affected: Avast! Home/Professional 4.7.1098 This vulnerability has been confirmed on Avast! Professional 4.7.1043...

DEBIAN-CVE-2007-3641

archivereadsupportformattar.c in libarchive before 2.2.4 does not properly compute the length of a certain buffer when processing a malformed pax extension header, which allows user-assisted remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted 1 PA...