VYPR

rpm package

suse/libarchive&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP6

pkg:rpm/suse/libarchive&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP6

Vulnerabilities (5)

  • CVE-2026-5121 | High | Mar 30, 2026
    affected < 3.7.2-150600.3.20.1 | fixed 3.7.2-150600.3.20.1

    A flaw was found in libarchive. On 32-bit systems, an integer overflow vulnerability exists in the zisofs block pointer allocation logic. A remote attacker can exploit this by providing a specially crafted ISO9660 image, which can lead to a heap buffer overflow. This could potent

  • CVE-2026-4426 | Medium | Mar 19, 2026
    affected < 3.7.2-150600.3.20.1 | fixed 3.7.2-150600.3.20.1

    A flaw was found in libarchive. An Undefined Behavior vulnerability exists in the zisofs decompression logic, caused by improper validation of a field (`pz_log2_bs`) read from ISO9660 Rock Ridge extensions. A remote attacker can exploit this by supplying a specially crafted ISO f

  • CVE-2026-4424 | High | Mar 19, 2026
    affected < 3.7.2-150600.3.20.1 | fixed 3.7.2-150600.3.20.1

    A flaw was found in libarchive. This heap out-of-bounds read vulnerability exists in the RAR archive processing logic due to improper validation of the LZSS sliding window size after transitions between compression methods. A remote attacker can exploit this by providing a specia

  • CVE-2026-4111 | High | Mar 13, 2026
    affected < 3.7.2-150600.3.20.1 | fixed 3.7.2-150600.3.20.1

    A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archive_read_data() processing path. When a specially crafted RAR5 archive is processed, the decompression routine may enter a state where internal logic prevents forw

  • CVE-2025-60753 | Nov 5, 2025
    affected < 3.7.2-150600.3.20.1 | fixed 3.7.2-150600.3.20.1

    An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).