Libarchive

76 matches found

CVE-2022-36227
CVE · added 2022/11/22 12:00 a.m. · 606 views · CVSS 9.8 · AI score 9.4 · EPSS 0.01936

CVE-2022-36227 affects libarchive (before 3.6.2). The bug is a NULL pointer dereference caused by not checking the result of calloc, which can return NULL and lead to dereference. Some sources acknowledge that this could in rare circumstances permit arbitrary code execution if NULL is treated as ...

CVE-2024-26256
CVE · added 2024/04/09 5:00 p.m. · 547 views · CVSS 7.8 · AI score 7.9 · EPSS 0.87784

CVE-2024-26256 is a Libarchive remote code execution vulnerability. Multiple connected sources confirm a flaw in the libarchive library (notably in the rar e8 filter) that can lead to arbitrary code execution when processing crafted RAR archives. Public mitigations are version-specific: Debian li...

CVE-2019-18408
CVE · added 2019/10/24 1:37 p.m. · 323 views · CVSS 7.5 · AI score 7.3 · EPSS 0.0404

CVE-2019-18408 affects the libarchive library: a use-after-free in archive_read_format_rar_read_data (archive_read_support_format_rar.c) in a certain ARCHIVE_FAILED scenario, related to Ppmd7_DecodeSymbol, occurring in versions before 3.4.0. The issue is triggered while decompressing a crafted ar...

CVE-2024-37407
CVE · added 2024/06/08 12:00 a.m. · 317 views · CVSS 9.1 · AI score 6.5 · EPSS 0.00971

CVE-2024-37407 affects the libarchive library (before 3.7.4). The vulnerability occurs when processing a ZIP archive that contains an empty-name file with mac-ext enabled, in slurp_central_directory of archive_read_support_format_zip.c, which can cause name out-of-bounds access. Affected versions...

CVE-2025-25724
CVE · added 2025/03/02 12:00 a.m. · 302 views · CVSS 7.8 · AI score 7.2 · EPSS 0.00329

CVE-2025-25724 affects libarchive up to 3.7.7. The issue is in tar/util.c: list_item_verbose does not check the return value of strftime, which can enable a denial of service or other impact when reading a crafted TAR with verbose=2, potentially impacted by locale-specific buffer sizing. Connecte...

CVE-2025-1632
CVE · added 2025/02/24 1:31 p.m. · 288 views · CVSS 5.5 · AI score 6.6 · EPSS 0.00313

Vulnerability CVE-2025-1632 affects libarchive up to 3.7.7, with a null pointer dereference in bsdunzip.c. Multiple connected sources (dev notices for libarchive-3.7.7 and packaging advisories) indicate exploitation is locally approachable and that a patch exists in newer builds (e.g., 3.7.7-2 an...

CVE-2023-30571
CVE · added 2023/05/29 12:00 a.m. · 287 views · CVSS 5.3 · AI score 5 · EPSS 0.00192

CVE-2023-30571 affects libarchive up to version 3.6.2. The umask() change in archive_write_disk_posix.c allows a race condition between threads that can leave the process with a permanent umask of 0, potentially causing implicit directory creation with 0777 permissions (without sticky bit). This ...

CVE-2019-19221
CVE · added 2019/11/21 12:00 a.m. · 281 views · CVSS 5.5 · AI score 5.4 · EPSS 0.00661

CVE-2019-19221 affects libarchive 3.4.0 and involves an out-of-bounds read in archive_wstring_append_from_mbs in archive_string.c due to an incorrect mbrtowc/mbtowc call, which can crash bsdtar when processing a crafted archive. Connected sources confirm remediation across multiple distributions ...

CVE-2021-31566
CVE · added 2022/08/23 12:00 a.m. · 272 views · CVSS 7.8 · AI score 7.7 · EPSS 0.00366

CVE-2021-31566 affects the libarchive library and is documented across multiple advisories. The flaw is an improper link resolution during archive extraction that can change file modes, times, ACLs and flags of files outside the archive, potentially enabling a local privilege escalation. Connecte...

CVE-2021-23177
CVE · added 2022/08/23 12:00 a.m. · 262 views · CVSS 7.8 · AI score 7.6 · EPSS 0.00367

CVE-2021-23177 concerns an improper link resolution flaw in libarchive when extracting archives. A crafted archive could trigger changes to the ACL of the link target, potentially allowing a local attacker to modify file ACLs and gain higher privileges. The vulnerability is described across multi...

CVE-2021-36976
CVE · added 2021/07/20 6:49 a.m. · 257 views · CVSS 6.5 · AI score 6.8 · EPSS 0.02845

CVE-2021-36976 affects libarchive 3.4.1 through 3.5.1 with a use-after-free in copy_string (invoked by do_uncompress_block and process_block). Connected advisories show affected packages across multiple distributions (e.g., Debian libarchive updates to 3.4.3-2+deb11u2; Fedora/libarchive 3.5.3-1; ...

CVE-2022-26280
CVE · added 2022/03/28 9:28 p.m. · 244 views · CVSS 6.5 · AI score 6.5 · EPSS 0.01877

Libarchive 3.6.0 contains an out-of-bounds read in the zipx_lzma_alone_init component. Affected: libarchive (library) and its use in programs linked against it; impact can include crashes or information disclosure as described in linked advisories. Remediation: upgrade to a fixed version (e.g., l...

CVE-2020-9308
CVE · added 2020/02/20 6:07 a.m. · 224 views · CVSS 8.8 · AI score 8.7 · EPSS 0.02196

libarchive (versions up to 3.4.2) is affected by CVE-2020-9308 due to archive_read_support_format_rar5.c handling of a RAR5 header with zero/invalid header size, potentially causing a SIGSEGV or other impact. Affected platforms include Fedora 3.4.2 and earlier packages; advisories recommend upgra...

CVE-2018-1000877
CVE · added 2018/12/20 5:00 p.m. · 223 views · CVSS 8.8 · AI score 8.3 · EPSS 0.04575

CVE-2018-1000877 is a double-free in libarchive’s RAR decoder (parse_codes in archive_read_support_format_rar.c) that can crash the process or enable a DoS when a victim opens a specially crafted RAR file. The issue occurs when realloc(rar->lzss.window, new_size) is invoked with new_size = 0. ...

CVE-2019-1000020
CVE · added 2019/02/04 9:00 p.m. · 223 views · CVSS 6.5 · AI score 7 · EPSS 0.03196

CVE-2019-1000020 affects libarchive. The documented issue is an infinite loop in the ISO9660 parser (archive_read_support_format_iso9660.c), specifically in read_CE()/parse_rockridge(), which can cause DoS when a victim opens a specially crafted ISO9660 file. Affected: libarchive versions from v2.8...

CVE-2019-1000019
CVE · added 2019/02/04 9:00 p.m. · 218 views · CVSS 6.5 · AI score 7 · EPSS 0.03407

CVE-2019-1000019 concerns libarchive’s 7z decompression path. Affected versions (from release v3.0.2 onward) contain a CWE-125 Out-of-bounds Read in archive_read_support_format_7zip.c header_bytes(), exploitable by opening a specially crafted 7zip file and causing a crash/DoS. Public reports conf...

CVE-2018-1000880
CVE · added 2018/12/20 5:00 p.m. · 201 views · CVSS 6.5 · AI score 7 · EPSS 0.04056

CVE-2018-1000880 affects libarchive’s WARC parsing code: the function _warc_read() in archive_read_support_format_warc.c has improper input validation, enabling a denial-of-service via specially crafted WARC files. Public sources indicate libarchive versions 3.2.0 through 3.3.3 are vulnerable, wi...

CVE-2018-1000878
CVE · added 2018/12/20 5:00 p.m. · 200 views · CVSS 8.8 · AI score 8.4 · EPSS 0.04449

The CVE-2018-1000878 entry concerns libarchive’s RAR decoder. A Use After Free in archive_read_support_format_rar.c can crash the process or enable denial-of-service when opening a specially crafted RAR file; exploitation appears to require user interaction (opening the archive). Affected upstrea...

CVE-2025-5914
CVE · added 2025/06/09 7:53 p.m. · 200 views · CVSS 7.8 · AI score 8.1 · EPSS 0.00326

CVE-2025-5914 affects libarchive. The vulnerability is in archive_read_format_rar_seek_data() and stems from an integer overflow that can lead to a double-free, causing memory corruption with potential arbitrary code execution or denial of service. Public docs in Debian/Red Hat/AlmaLinux advisories confir...

CVE-2017-14502
CVE · added 2017/09/17 6:00 p.m. · 194 views · CVSS 7.5 · AI score 6.6 · EPSS 0.03367

CVE-2017-14502 affects libarchive 3.3.2, where read_header in archive_read_support_format_rar.c has an off-by-one error for UTF-16 names in RAR archives, causing an out-of-bounds read in archive_read_format_rar_read_header. The vulnerability can lead to denial of service or, in some reports, pote...

CVE-2016-1541
CVE · added 2016/05/07 10:00 a.m. · 168 views · CVSS 8.8 · AI score 8.5 · EPSS 0.10322

CVE-2016-1541 affects libarchive and describes a heap-based buffer overflow in the function zip_read_mac_metadata (archive_read_support_format_zip.c) in versions before 3.2.0. A crafted ZIP entry-size can allow an attacker to execute arbitrary code on the affected system. The issue is addressed u...

CVE-2017-14503
CVE · added 2017/09/17 6:00 p.m. · 163 views · CVSS 6.5 · AI score 6.6 · EPSS 0.01956

Summary: CVE-2017-14503 affects libarchive 3.3.2, where an out-of-bounds read occurs in archive_read_support_format_lha.c (lha_read_data_none) while extracting specially crafted LHA archives. The issue is connected to lha_crc16 and can lead to a crash/Denial of Service per multiple advisories. Co...

CVE-2018-1000879
CVE · added 2018/12/20 5:00 p.m. · 158 views · CVSS 6.5 · AI score 7 · EPSS 0.03367

CVE-2018-1000879 is a NULL Pointer Dereference in libarchive’s ACL parser (archive_acl_from_text_l()) that can cause a crash or DoS when a victim opens a specially crafted archive. The issue was reported for libarchive versions from commit 379867ec... onward (release 3.3.0+), with multiple adviso...

CVE-2017-14166
CVE · added 2017/09/06 6:00 p.m. · 153 views · CVSS 6.5 · AI score 6.5 · EPSS 0.03341

CVE-2017-14166 affects libarchive and causes a denial of service via a heap-based buffer over-read in the atol8 handling inside archive_read_support_format_xar.c when processing crafted XAR files. This is evidenced across multiple advisories (IBM App Connect Enterprise/Bulletin, IBM MQ/Operator b...

CVE-2017-14501
CVE · added 2017/09/17 6:00 p.m. · 150 views · CVSS 6.5 · AI score 6.5 · EPSS 0.02147

libarchive 3.3.2 is affected by CVE-2017-14501 via an out-of-bounds read in archive_read_support_format_iso9660.c (parse_file_info). A crafted ISO9660 file could trigger a heap-based overflow and remote code execution. The vulnerability requires a user or process to extract the crafted archive. I...

CVE-2017-5601
CVE · added 2017/01/27 10:01 p.m. · 140 views · CVSS 7.5 · AI score 6.6 · EPSS 0.04447

CVE-2017-5601 affects libarchive 3.2.2, where an error in the lha_read_file_header_1() function (archive_read_support_format_lha.c) allows a remote attacker to trigger an out-of-bounds read and crash the application via a specially crafted archive. External sources in the connected documents cons...

CVE-2016-4302
CVE · added 2016/09/21 2:00 p.m. · 138 views · CVSS 7.8 · AI score 8.2 · EPSS 0.04775

CVE-2016-4302: libarchive heap overflow in RAR parsing. A heap-based buffer overflow vulnerability exists in the parse_codes function of archive_read_support_format_rar.c within libarchive before 3.2.1. A crafted RAR file with a zero-sized dictionary can cause arbitrary code execution. Affected p...

CVE-2016-4300
CVE · added 2016/09/21 2:00 p.m. · 135 views · CVSS 7.8 · AI score 8.2 · EPSS 0.04938

CVE-2016-4300 affects libarchive, specifically the read_SubStreamsInfo function in archive_read_support_format_7zip.c. Before version 3.2.1, processing a 7-zip file with a large number of substreams can trigger a heap-based buffer overflow, enabling remote code execution under the described condi...

CVE-2016-4809
CVE · added 2016/09/21 2:00 p.m. · 130 views · CVSS 7.5 · AI score 7.1 · EPSS 0.04683

The CVE-2016-4809 vulnerability affects libarchive (archive_read_format_cpio_read_header in archive_read_support_format_cpio.c) and allows a remote attacker to cause an application crash (DoS) by processing a CPIO archive containing a large symlink. Affected upstream is libarchive

CVE-2016-8687
CVE · added 2017/02/15 7:00 p.m. · 129 views · CVSS 7.5 · AI score 6.6 · EPSS 0.05301

CVE-2016-8687 is a stack-based buffer overflow in the libarchive 3.2.1 implementation of safe_fprintf (tar/util.c). A crafted, non-printable multibyte character in a filename can trigger remote denial of service. The connected documents confirm the affected library and function but do not provide...

CVE-2016-6250
CVE · added 2016/09/21 2:00 p.m. · 128 views · CVSS 8.6 · AI score 8.8 · EPSS 0.06251

Summary: CVE-2016-6250 affects libarchive’s ISO9660 writer and causes an integer overflow when verifying filename lengths during ISO9660 archive creation, potentially triggering a buffer overflow that can crash the application or allow code execution. Public disclosures and multiple vendor adviso...

CVE-2015-8934
CVE · added 2016/09/20 2:00 p.m. · 124 views · CVSS 5.5 · AI score 6 · EPSS 0.02309

CVE-2015-8934 affects libarchive up to version 3.2.0, with a flaw in copy_from_lzss_window inside archive_read_support_format_rar.c that can trigger an out-of-bounds heap read via a crafted RAR file, leading to denial of service. Public advisories from multiple vendors describe this as part of a ...

CVE-2015-8915
CVE · added 2016/09/20 2:00 p.m. · 119 views · CVSS 5.5 · AI score 5.9 · EPSS 0.0182

CVE-2015-8915: In libarchive, the bsdcpio component is affected by an invalid read in the cpio handling when using versions prior to 3.2.0, which can cause a denial of service (crash) on processing crafted cpio archives. The connected documents confirm this vulnerability is tied to libarchive’s ...

CVE-2015-8924
CVE · added 2016/09/20 2:00 p.m. · 118 views · CVSS 5.5 · AI score 6.1 · EPSS 0.05399

CVE-2015-8924 affects libarchive’s TAR parser: archive_read_format_tar_read_header allows an out-of-bounds read when processing a crafted tar file, potentially enabling denial of service. The vulnerability exists in libarchive before version 3.2.0. Public advisories indicate multiple vendors have...

CVE-2016-5844
CVE · added 2016/09/21 2:00 p.m. · 116 views · CVSS 6.5 · AI score 6.5 · EPSS 0.04131

CVE-2016-5844 is a vulnerability in libarchive prior to 3.2.1 where an integer overflow in the ISO parser can be triggered by a crafted ISO file, leading to denial of service (application crash). Affected components include libarchive and related tools such as bsdtar/cpio. Public advisories (Debi...

CVE-2016-10349
CVE · added 2017/05/01 1:00 a.m. · 114 views · CVSS 5.5 · AI score 6 · EPSS 0.01699

CVE-2016-10349 affects libarchive 3.2.2 and involves a heap-based buffer over-read in archive_endian.h (archive_le32dec). Remote files can crash the application (DoS). Public references include CVE details and Debian advisories. Remediation: upgrade libarchive to a fixed version; Debian lists 3.2.2-2+deb...

CVE-2015-8920
CVE · added 2016/09/20 2:00 p.m. · 112 views · CVSS 5.5 · AI score 5.8 · EPSS 0.01924

CVE-2015-8920 affects the libarchive project, specifically the _ar_read_header function in archive_read_support_format_ar.c. A crafted ar file can trigger an out-of-bounds stack read, enabling a denial of service. Public references consistently describe this as a vulnerability in libarchive versi...

CVE-2016-10350
CVE · added 2017/05/01 1:00 a.m. · 112 views · CVSS 5.5 · AI score 5.9 · EPSS 0.01605

CVE-2016-10350 affects libarchive (archive_read_format_cab_read_header in archive_read_support_format_cab.c, libarchive 3.2.2). A crafted CAB file can trigger a heap-based buffer over-read, causing a denial of service (application crash). Public sources confirm multiple vendors/advisories (Debian...

CVE-2015-8931
CVE · added 2016/09/20 2:00 p.m. · 111 views · CVSS 7.8 · AI score 8 · EPSS 0.0213

CVE-2015-8931 involves multiple integer overflows in libarchive’s mtree support. The vulnerability arises in archive_read_support_format_mtree.c (mtree parser) in libarchive before 3.2.0, potentially allowing a remote attacker to trigger undefined behavior via a crafted mtree file. Connected advi...

CVE-2016-7166
CVE · added 2016/09/21 2:00 p.m. · 110 views · CVSS 5.5 · AI score 6.1 · EPSS 0.01643

CVE-2016-7166 affects libarchive. The issue arises when processing gzip files: libarchive 3.x allows unlimited recursive decompressions, leading to memory exhaustion and potential application crash (Denial of Service). Affected: libarchive prior to 3.2.0. Impact is a resource exhaustion DoS; no e...

CVE-2015-8932
CVE · added 2016/09/20 2:00 p.m. · 109 views · CVSS 5.5 · AI score 5.8 · EPSS 0.02222

The CVE-2015-8932 issue affects the libarchive library, specifically the compress_bidder_init function in archive_read_support_filter_compress.c, before version 3.2.0. A crafted tar file can trigger an invalid left shift, allowing a remote attacker to cause a denial of service (crash). Public ref...

CVE-2015-8933
CVE · added 2016/09/20 2:00 p.m. · 109 views · CVSS 5.5 · AI score 6 · EPSS 0.02045

CVE-2015-8933 is a Libarchive vulnerability: an integer overflow in archive_read_support_format_tar_skip() within archive_read_format_tar.c, affecting Libarchive prior to 3.2.0. This can allow a remote attacker to crash a target via a crafted tar file (DoS). The connected Nessus/EulerOS entries c...

CVE-2016-5418
CVE · added 2016/09/21 2:00 p.m. · 109 views · CVSS 7.5 · AI score 7.5 · EPSS 0.04669

CVE-2016-5418 affects libarchive up to and including version 3.2.0, where sandboxing of archives with hardlinks mishandles entries of non-zero data size. This can allow a remote attacker to write to arbitrary files via a crafted archive, as described in multiple advisories. Public reports referen...

CVE-2016-8689
CVE · added 2017/02/15 7:00 p.m. · 109 views · CVSS 7.5 · AI score 6.5 · EPSS 0.0331

CVE-2016-8689 affects libarchive 3.2.1, where the read_Header function in archive_read_support_format_7zip.c allows an out-of-bounds read via multiple EmptyStream attributes in a 7zip header, leading to denial of service. Public docs confirm this as a libarchive vulnerability and cite affected ve...

CVE-2024-48958
CVE · added 2024/10/10 12:00 a.m. · 109 views · CVSS 7.8 · AI score 7 · EPSS 0.00551

CVE-2024-48958 affects libarchive’s archive_read_support_format_rar.c, where execute_filter_delta can trigger out-of-bounds access in crafted archives because src can move beyond dst. Affects libarchive up to version 3.7.4 (pre-3.7.5). Mitigation: upgrade to 3.7.5 or later; the issue is resolved ...

CVE-2015-8921
CVE · added 2016/09/20 2:00 p.m. · 106 views · CVSS 7.5 · AI score 7 · EPSS 0.11771

CVE-2015-8921: libarchive’s mtree parser in archive_entry.c is vulnerable to an out-of-bounds read via a crafted mtree file, affecting libarchive prior to 3.2.0. This can allow a remote attacker to read memory beyond a statically declared structure. Multiple security advisories (Debian DSA-3657-...

CVE-2024-48957
CVE · added 2024/10/10 12:00 a.m. · 105 views · CVSS 7.8 · AI score 7 · EPSS 0.00474

CVE-2024-48957 affects libarchive prior to 3.7.5. The vulnerability is in execute_filter_audio within archive_read_support_format_rar.c, allowing out-of-bounds access when processing a crafted archive because src can move beyond dst. Connected documents consistently describe this as a libarchive ...

CVE-2015-8928
CVE · added 2016/09/20 2:00 p.m. · 104 views · CVSS 5.5 · AI score 6.2 · EPSS 0.02067

CVE-2015-8928 affects libarchive MTREE parser: an out-of-bounds read in process_add_entry() when processing a crafted mtree file. Impact is denial of service and potential information disclosure. Affected upstream: libarchive before 3.2.0. Remediation: upgrade to 3.2.0 or later where fixed. Other...

CVE-2025-5917
CVE · added 2025/06/09 7:49 p.m. · 103 views · CVSS 5 · AI score 4.4 · EPSS 0.00161

CVE-2025-5917: libarchive contains an off-by-one miscalculation when handling file name prefixes/suffixes, leading to a 1-byte write overflow. Affected: libarchive versions before 3.8.0. Consequences include unpredictable behavior, crashes, or potential exploitation as a memory corruption buildin...

CVE-2015-8919
CVE · added 2016/09/20 2:00 p.m. · 100 views · CVSS 7.5 · AI score 7.3 · EPSS 0.04449

CVE-2015-8919 affects libarchive prior to 3.2.0, where the lha_read_file_extended_header path in archive_read_support_format_lha.c is exploitable via crafted LHA/LZH files. This causes an out-of-bounds read which can overflow the heap, enabling a remote attacker to crash the application and poten...

Total number of security vulnerabilities: 76