apk package
chainguard/libarchive-doc
pkg:apk/chainguard/libarchive-doc
Vulnerabilities (11)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-5121 | High | 7.5 | | < 3.8.7-r0 | 3.8.7-r0 | Mar 30, 2026 | A flaw was found in libarchive. On 32-bit systems, an integer overflow vulnerability exists in the zisofs block pointer allocation logic. A remote attacker can exploit this by providing a specially crafted ISO9660 image, which can lead to a heap buffer overflow. This could potent |
| CVE-2026-4426 | Medium | 6.5 | | < 3.8.7-r2 | 3.8.7-r2 | Mar 19, 2026 | A flaw was found in libarchive. An Undefined Behavior vulnerability exists in the zisofs decompression logic, caused by improper validation of a field (`pz_log2_bs`) read from ISO9660 Rock Ridge extensions. A remote attacker can exploit this by supplying a specially crafted ISO f |
| CVE-2026-4424 | High | 7.5 | | < 3.8.7-r2 | 3.8.7-r2 | Mar 19, 2026 | A flaw was found in libarchive. This heap out-of-bounds read vulnerability exists in the RAR archive processing logic due to improper validation of the LZSS sliding window size after transitions between compression methods. A remote attacker can exploit this by providing a specia |
| CVE-2025-25724 | — | | | < 3.7.7-r2 | 3.7.7-r2 | Mar 2, 2025 | list_item_verbose in tar/util.c in libarchive through 3.7.7 does not check an strftime return value, which can lead to a denial of service or unspecified other impact via a crafted TAR archive that is read with a verbose value of 2. For example, the 100-byte buffer may not be suf |
| CVE-2025-1632 | — | | | < 3.7.7-r2 | 3.7.7-r2 | Feb 24, 2025 | A vulnerability was found in libarchive up to 3.7.7. It has been classified as problematic. This affects the function list of the file bsdunzip.c. The manipulation leads to null pointer dereference. It is possible to launch the attack on the local host. The exploit has been discl |
| CVE-2024-57970 | Medium | 4.0 | | < 3.7.7-r2 | 3.7.7-r2 | Feb 16, 2025 | libarchive through 3.7.7 has a heap-based buffer over-read in header_gnu_longlink in archive_read_support_format_tar.c via a TAR archive because it mishandles truncation in the middle of a GNU long linkname. |
| CVE-2024-37407 | — | | | < 3.7.4-r0 | 3.7.4-r0 | Jun 8, 2024 | Libarchive before 3.7.4 allows name out-of-bounds access when a ZIP archive has an empty-name file and mac-ext is enabled. This occurs in slurp_central_directory in archive_read_support_format_zip.c. |
| CVE-2024-26256 | — | | | < 3.7.4-r0 | 3.7.4-r0 | Apr 9, 2024 | Libarchive Remote Code Execution Vulnerability |
| CVE-2024-20697 | — | | | < 3.7.4-r0 | 3.7.4-r0 | Jan 9, 2024 | Windows libarchive Remote Code Execution Vulnerability |
| CVE-2023-30571 | — | | | < 3.7.7-r2 | 3.7.7-r2 | May 29, 2023 | Libarchive through 3.6.2 can cause directories to have world-writable permissions. The umask() call inside archive_write_disk_posix.c changes the umask of the whole process for a very short period of time; a race condition with another thread can lead to a permanent umask 0 setti |
| CVE-2022-36227 | — | | | < 3.6.1-r2 | 3.6.1-r2 | Nov 22, 2022 | In libarchive before 3.6.2, the software does not check for an error after calling calloc function that can return with a NULL pointer if the function fails, which leads to a resultant NULL pointer dereference. NOTE: the discoverer cites this CWE-476 remark but third parties disp |