Libarchive CVEs and Security Vulnerabilities

Filtered by vendor Libarchive Subscriptions

Filtered by product Libarchive Subscriptions

Search

Switch to Advanced Search (Beta)

Total 73 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2016-8689	2 Libarchive, Opensuse	2 Libarchive, Leap	2025-04-20	N/A
The read_Header function in archive_read_support_format_7zip.c in libarchive 3.2.1 allows remote attackers to cause a denial of service (out-of-bounds read) via multiple EmptyStream attributes in a header in a 7zip archive.
CVE-2016-8688	2 Libarchive, Opensuse	2 Libarchive, Leap	2025-04-20	N/A
The mtree bidder in libarchive 3.2.1 does not keep track of line sizes when extending the read-ahead, which allows remote attackers to cause a denial of service (crash) via a crafted file, which triggers an invalid read in the (1) detect_form or (2) bid_entry function in libarchive/archive_read_support_format_mtree.c.
CVE-2016-8687	2 Libarchive, Opensuse	2 Libarchive, Leap	2025-04-20	N/A
Stack-based buffer overflow in the safe_fprintf function in tar/util.c in libarchive 3.2.1 allows remote attackers to cause a denial of service via a crafted non-printable multibyte character in a filename.
CVE-2016-10350	1 Libarchive	1 Libarchive	2025-04-20	N/A
The archive_read_format_cab_read_header function in archive_read_support_format_cab.c in libarchive 3.2.2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.
CVE-2016-10349	1 Libarchive	1 Libarchive	2025-04-20	N/A
The archive_le32dec function in archive_endian.h in libarchive 3.2.2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.
CVE-2024-48615	1 Libarchive	1 Libarchive	2025-04-14	7.5 High
Null Pointer Dereference vulnerability in libarchive 3.7.6 and earlier when running program bsdtar in function header_pax_extension at rchive_read_support_format_tar.c:1844:8.
CVE-2016-4300	2 Libarchive, Redhat	9 Libarchive, Enterprise Linux, Enterprise Linux Desktop and 6 more	2025-04-12	N/A
Integer overflow in the read_SubStreamsInfo function in archive_read_support_format_7zip.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a 7zip file with a large number of substreams, which triggers a heap-based buffer overflow.
CVE-2016-4302	2 Libarchive, Redhat	9 Libarchive, Enterprise Linux, Enterprise Linux Desktop and 6 more	2025-04-12	N/A
Heap-based buffer overflow in the parse_codes function in archive_read_support_format_rar.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a RAR file with a zero-sized dictionary.
CVE-2016-4809	3 Libarchive, Oracle, Redhat	10 Libarchive, Linux, Enterprise Linux and 7 more	2025-04-12	N/A
The archive_read_format_cpio_read_header function in archive_read_support_format_cpio.c in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a CPIO archive with a large symlink.
CVE-2016-7166	3 Libarchive, Oracle, Redhat	10 Libarchive, Linux, Enterprise Linux and 7 more	2025-04-12	N/A
libarchive before 3.2.0 does not limit the number of recursive decompressions, which allows remote attackers to cause a denial of service (memory consumption and application crash) via a crafted gzip file.
CVE-2015-8915	1 Libarchive	1 Libarchive	2025-04-12	N/A
bsdcpio in libarchive before 3.2.0 allows remote attackers to cause a denial of service (invalid read and crash) via crafted cpio file.
CVE-2015-8927	1 Libarchive	1 Libarchive	2025-04-12	N/A
The trad_enc_decrypt_update function in archive_read_support_format_zip.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds heap read and crash) via a crafted zip file, related to reading the password.
CVE-2015-8933	3 Canonical, Libarchive, Suse	5 Ubuntu Linux, Libarchive, Linux Enterprise Desktop and 2 more	2025-04-12	N/A
Integer overflow in the archive_read_format_tar_skip function in archive_read_support_format_tar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted tar file.
CVE-2016-5418	3 Libarchive, Oracle, Redhat	11 Libarchive, Linux, Enterprise Linux and 8 more	2025-04-12	N/A
The sandboxing code in libarchive 3.2.0 and earlier mishandles hardlink archive entries of non-zero data size, which might allow remote attackers to write to arbitrary files via a crafted archive file.
CVE-2016-5844	3 Libarchive, Oracle, Redhat	11 Libarchive, Linux, Solaris and 8 more	2025-04-12	N/A
Integer overflow in the ISO parser in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a crafted ISO file.
CVE-2015-8921	4 Canonical, Libarchive, Novell and 1 more	6 Ubuntu Linux, Libarchive, Suse Linux Enterprise Desktop and 3 more	2025-04-12	N/A
The ae_strtofflags function in archive_entry.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mtree file.
CVE-2015-8920	4 Canonical, Libarchive, Novell and 1 more	6 Ubuntu Linux, Libarchive, Suse Linux Enterprise Desktop and 3 more	2025-04-12	N/A
The _ar_read_header function in archive_read_support_format_ar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds stack read) via a crafted ar file.
CVE-2015-8924	4 Canonical, Libarchive, Novell and 1 more	6 Ubuntu Linux, Libarchive, Suse Linux Enterprise Desktop and 3 more	2025-04-12	N/A
The archive_read_format_tar_read_header function in archive_read_support_format_tar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tar file.
CVE-2015-8925	4 Canonical, Libarchive, Redhat and 1 more	6 Ubuntu Linux, Libarchive, Enterprise Linux and 3 more	2025-04-12	N/A
The readline function in archive_read_support_format_mtree.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (invalid read) via a crafted mtree file, related to newline parsing.
CVE-2015-8926	4 Canonical, Libarchive, Redhat and 1 more	6 Ubuntu Linux, Libarchive, Enterprise Linux and 3 more	2025-04-12	N/A
The archive_read_format_rar_read_data function in archive_read_support_format_rar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted rar archive.

« first previous Page 2 of 4. next last »