VYPR
Medium severity5.5OSV Advisory· Published Sep 21, 2016· Updated Jun 17, 2026

CVE-2016-7166

CVE-2016-7166

Description

libarchive before 3.2.0 does not limit the number of recursive decompressions, which allows remote attackers to cause a denial of service (memory consumption and application crash) via a crafted gzip file.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Libarchive/LibarchiveOSV2 versions
    v3.0.0a, v3.0.1b, v3.1.900a, …+ 1 more
    • (no CPE)range: v3.0.0a, v3.0.1b, v3.1.900a, …
    • (no CPE)range: <3.2.0

Patches

Vulnerability mechanics

References

11

News mentions

0

No linked articles in our index yet.