129 matches found
Astra Linux – Vulnerability in xz-utils
XZ Utils provides a general-purpose data-compression library along with command-line tools. Prior to version 5.8.3, if the lzmaindexdecoder function was used to decode an Index that contained no Records, the resulting lzmaindex would be in a state where subsequent calls to lzmaindex.Append would...
USN-8362-1: XZ Utils vulnerability
It was discovered that XZ Utils did not properly manage memory when attempting to append data to a decoded index that contained no records. An attacker could possibly use this issue to cause XZ Utils to crash, resulting in a denial of service, or execute arbitrary code...
ROS-20260526-73-0007
A vulnerability in the lzmaindexappend function of the XZ Utils data compression package is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
Exploit for Embedded Malicious Code in Tukaani Xz
Security Review: CVE-2024-3094 XZ Utils Backdoor Автор:...
ROOT-OS-DEBIAN-13-CVE-2026-34743 CVE-2026-34743 in rootio-xz-utils - Patched by Root
Root has patched CVE-2026-34743 in the rootio-xz-utils package for Root:Debian:13. Multiple fixed versions available...
Unity Linux 20.1070e Security Update: xz (UTSA-2026-014304)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014304 advisory. XZ Utils provide a general-purpose data-compression library plus command-line tools. Prior to version 5.8.3, if lzmaindexdecoder was used to decode an Index that...
ROOT-OS-DEBIAN-11-CVE-2026-34743 CVE-2026-34743 in rootio-xz-utils - Patched by Root
Root has patched CVE-2026-34743 in the rootio-xz-utils package for Root:Debian:11. Multiple fixed versions available...
OESA-2026-1853 xz security update
XZ Utils is free general-purpose data compression software with a high compression ratio. XZ Utils were written for POSIX-like systems, but also work on some not-so-POSIX systems. XZ Utils are the successor to LZMA Utils. Security Fixes: XZ Utils provide a general-purpose data-compression library...
CBL Mariner 2.0 Security Update: CBL-Mariner Releases (CVE-2026-34743)
The version of CBL-Mariner Releases installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2026-34743 advisory. - XZ Utils provide a general-purpose data-compression library plus command-line tools. Prior to...
Azure Linux 3.0 Security Update: CBL-Mariner Releases (CVE-2026-34743)
The version of CBL-Mariner Releases installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2026-34743 advisory. - XZ Utils provide a general-purpose data-compression library plus command-line tools. Prior to...
Beyond Single Reports: Evaluating Automated ATT&CK Technique Extraction in Multi-Report Campaign Settings
Large-scale cyberattacks, referred to as campaigns, are documented across multiple CTI reports from diverse sources, with some providing a high-level overview of attack techniques and others providing technical details. Extracting attack techniques from reports is essential for organizations to...
ROOT-OS-DEBIAN-12-CVE-2026-34743 CVE-2026-34743 in rootio-xz-utils - Patched by Root
Root has patched CVE-2026-34743 in the rootio-xz-utils package for Root:Debian:12. Multiple fixed versions available...
XZ Utils: Buffer overflow in lzma_index_append()
...
ALPINE-CVE-2026-34743
XZ Utils provide a general-purpose data-compression library plus command-line tools. Prior to version 5.8.3, if lzmaindexdecoder was used to decode an Index that contained no Records, the resulting lzmaindex was left in a state where where a subsequent lzmaindexappend would allocate too little...
CVE-2026-34743
XZ Utils provide a general-purpose data-compression library plus command-line tools. Prior to version 5.8.3, if lzmaindexdecoder was used to decode an Index that contained no Records, the resulting lzmaindex was left in a state where where a subsequent lzmaindexappend would allocate too little...
UBUNTU-CVE-2026-34743
XZ Utils provide a general-purpose data-compression library plus command-line tools. Prior to version 5.8.3, if lzmaindexdecoder was used to decode an Index that contained no Records, the resulting lzmaindex was left in a state where where a subsequent lzmaindexappend would allocate too little...
CVE-2026-34743
XZ Utils provide a general-purpose data-compression library plus command-line tools. Prior to version 5.8.3, if lzmaindexdecoder was used to decode an Index that contained no Records, the resulting lzmaindex was left in a state where where a subsequent lzmaindexappend would allocate too little...
CVE-2026-34743 XZ Utils: Buffer overflow in lzma_index_append()
XZ Utils provide a general-purpose data-compression library plus command-line tools. Prior to version 5.8.3, if lzmaindexdecoder was used to decode an Index that contained no Records, the resulting lzmaindex was left in a state where where a subsequent lzmaindexappend would allocate too little...
CVE-2026-34743
XZ Utils contains a vulnerability (CVE-2026-34743) in lzma_index_append() when decoding an empty index with lzma_index_decoder(), which could leave the index in a state that permits a buffer overflow. The issue affects versions prior to 5.8.3; a patch is available in 5.8.3. Affected component is ...
CVE-2026-34743
XZ Utils provide a general-purpose data-compression library plus command-line tools. Prior to version 5.8.3, if lzmaindexdecoder was used to decode an Index that contained no Records, the resulting lzmaindex was left in a state where where a subsequent lzmaindexappend would allocate too little...