CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 0CVE-2021-36976 – Apple Security Advisory 2022-03-14-4
https://notcve.org/view.php?id=CVE-2021-36976
20 Jul 2021 — libarchive 3.4.1 through 3.5.1 has a use-after-free in copy_string (called from do_uncompress_block and process_block). libarchive versiones 3.4.1 hasta 3.5.1, presenta un uso de memoria previamente liberada en la función copy_string (llamado desde do_uncompress_block y process_block) It was discovered that libarchive incorrectly handled symlinks. If a user or automated system were tricked into processing a specially crafted archive, an attacker could possibly use this issue to change modes, times, ACLs, an... • http://seclists.org/fulldisclosure/2022/Mar/27 • CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-21674
https://notcve.org/view.php?id=CVE-2020-21674
15 Oct 2020 — Heap-based buffer overflow in archive_string_append_from_wcs() (archive_string.c) in libarchive-3.4.1dev allows remote attackers to cause a denial of service (out-of-bounds write in heap memory resulting into a crash) via a crafted archive file. NOTE: this only affects users who downloaded the development code from GitHub. Users of the product's official releases are unaffected. Un desbordamiento del búfer en la región heap de la memoria en la función archive_string_append_from_wcs() (en el archivo archive_... • https://github.com/libarchive/libarchive/commit/4f085eea879e2be745f4d9bf57e8513ae48157f4 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2020-9308 – Gentoo Linux Security Advisory 202003-28
https://notcve.org/view.php?id=CVE-2020-9308
20 Feb 2020 — archive_read_support_format_rar5.c in libarchive before 3.4.2 attempts to unpack a RAR5 file with an invalid or corrupted header (such as a header size of zero), leading to a SIGSEGV or possibly unspecified other impact. El archivo archive_read_support_format_rar5.c en libarchive versiones anteriores a 3.4.2, intenta descomprimir un archivo RAR5 con un encabezado no válido o corrupto (tal y como un tamaño de encabezado de cero), conllevando a un SIGSEGV o posiblemente a otro impacto no especificado. It was ... • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20459 • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 1CVE-2019-19221 – libarchive: out-of-bounds read in archive_wstring_append_from_mbs in archive_string.c
https://notcve.org/view.php?id=CVE-2019-19221
21 Nov 2019 — In Libarchive 3.4.0, archive_wstring_append_from_mbs in archive_string.c has an out-of-bounds read because of an incorrect mbrtowc or mbtowc call. For example, bsdtar crashes via a crafted archive. En Libarchive versión 3.4.0, la función archive_wstring_append_from_mbs en el archivo archive_string.c presenta una lectura fuera de límites debido a una llamada mbrtowc o mbtowc incorrecta. Por ejemplo, bsdtar se bloquea por medio de un archivo diseñado. Red Hat OpenShift Container Platform is Red Hat's cloud co... • https://github.com/libarchive/libarchive/commit/22b1db9d46654afc6f0c28f90af8cdc84a199f41 • CWE-125: Out-of-bounds Read •
CVSS: 8.1EPSS: 4%CPEs: 7EXPL: 0CVE-2019-18408 – libarchive: use-after-free in archive_read_format_rar_read_data when there is an error in the decompression of an archive entry
https://notcve.org/view.php?id=CVE-2019-18408
24 Oct 2019 — archive_read_format_rar_read_data in archive_read_support_format_rar.c in libarchive before 3.4.0 has a use-after-free in a certain ARCHIVE_FAILED situation, related to Ppmd7_DecodeSymbol. La función archive_read_format_rar_read_data en el archivo archive_read_support_format_rar.c en libarchive versiones anteriores a 3.4.0, presenta un uso de la memoria previamente liberada en una determinada situación de ARCHIVE_FAILED, relacionada con Ppmd7_DecodeSymbol. A use-after-free vulnerability was discovered in li... • http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00012.html • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2019-11463
https://notcve.org/view.php?id=CVE-2019-11463
23 Apr 2019 — A memory leak in archive_read_format_zip_cleanup in archive_read_support_format_zip.c in libarchive 3.3.4-dev allows remote attackers to cause a denial of service via a crafted ZIP file because of a HAVE_LZMA_H typo. NOTE: this only affects users who downloaded the development code from GitHub. Users of the product's official releases are unaffected. Una pérdida de memoria en la función archive_read_format_zip_cleanup en el archivo archive_read_support_format_zip.c en libarchive 3.3.4-dev permite a los atac... • https://access.redhat.com/security/cve/cve-2019-11463 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 6.5EPSS: 1%CPEs: 12EXPL: 1CVE-2019-1000019 – libarchive: Out of bounds read in archive_read_support_format_7zip.c resulting in a denial of service
https://notcve.org/view.php?id=CVE-2019-1000019
04 Feb 2019 — libarchive version commit bf9aec176c6748f0ee7a678c5f9f9555b9a757c1 onwards (release v3.0.2 onwards) contains a CWE-125: Out-of-bounds Read vulnerability in 7zip decompression, archive_read_support_format_7zip.c, header_bytes() that can result in a crash (denial of service). This attack appears to be exploitable via the victim opening a specially crafted 7zip file. libarchive en versiones desde el commit con ID bf9aec176c6748f0ee7a678c5f9f9555b9a757c1 y siguientes (desde la versión v3.0.2) contiene una vulne... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00055.html • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 1%CPEs: 11EXPL: 0CVE-2019-1000020 – libarchive: Infinite recursion in archive_read_support_format_iso9660.c resulting in denial of service
https://notcve.org/view.php?id=CVE-2019-1000020
04 Feb 2019 — libarchive version commit 5a98dcf8a86364b3c2c469c85b93647dfb139961 onwards (version v2.8.0 onwards) contains a CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in ISO9660 parser, archive_read_support_format_iso9660.c, read_CE()/parse_rockridge() that can result in DoS by infinite loop. This attack appears to be exploitable via the victim opening a specially crafted ISO9660 file. libarchive, en versiones desde el commit con ID 5a98dcf8a86364b3c2c469c85b93647dfb139961 (desde la ve... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00055.html • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 8.8EPSS: 1%CPEs: 13EXPL: 0CVE-2018-1000877 – libarchive: Double free in RAR decoder resulting in a denial of service
https://notcve.org/view.php?id=CVE-2018-1000877
20 Dec 2018 — libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-415: Double Free vulnerability in RAR decoder - libarchive/archive_read_support_format_rar.c, parse_codes(), realloc(rar->lzss.window, new_size) with new_size = 0 that can result in Crash/DoS. This attack appear to be exploitable via the victim must open a specially crafted RAR archive. libarchive, con el commit con ID 416694915449219d505531b1096384f3237dd6cc y siguientes (desde la v3.1.0) cont... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00055.html • CWE-415: Double Free CWE-416: Use After Free •
CVSS: 8.8EPSS: 1%CPEs: 14EXPL: 0CVE-2018-1000878 – libarchive: Use after free in RAR decoder resulting in a denial of service
https://notcve.org/view.php?id=CVE-2018-1000878
20 Dec 2018 — libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-416: Use After Free vulnerability in RAR decoder - libarchive/archive_read_support_format_rar.c that can result in Crash/DoS - it is unknown if RCE is possible. This attack appear to be exploitable via the victim must open a specially crafted RAR archive. libarchive, con el commit con ID 416694915449219d505531b1096384f3237dd6cc y siguientes (desde la v3.1.0) contiene una vulnerabilidad CWE-416:... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00055.html • CWE-416: Use After Free •