VYPR
Unrated severityOSV Advisory· Published Apr 23, 2019· Updated Aug 4, 2024

CVE-2019-11463

CVE-2019-11463

Description

A memory leak in archive_read_format_zip_cleanup in archive_read_support_format_zip.c in libarchive 3.3.4-dev allows remote attackers to cause a denial of service via a crafted ZIP file because of a HAVE_LZMA_H typo. NOTE: this only affects users who downloaded the development code from GitHub. Users of the product's official releases are unaffected.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Libarchive/LibarchiveOSV2 versions
    v3.0.0a, v3.0.1b, v3.1.900a, …+ 1 more
    • (no CPE)range: v3.0.0a, v3.0.1b, v3.1.900a, …
    • (no CPE)range: = 3.3.4-dev (development)

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.