libarchive

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Multi-format archive and compression library
Version 3.3.3-1 [core]

Open

Group Affected Fixed Severity Status Ticket
AVG-837 3.3.3-1 3.3.3-2 High Vulnerable
Issue Group Severity Remote Type Description
CVE-2019-1000020 AVG-837 Medium No Denial of service
ibarchive version >=v2.8.0 contains a CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in ISO9660 parser,...
CVE-2019-1000019 AVG-837 High No Information disclosure
libarchive version >=v3.0.2 contains a CWE-125: Out-of-bounds Read vulnerability in 7zip decompression, archive_read_support_format_7zip.c, header_bytes()...
CVE-2018-1000880 AVG-837 High No Denial of service
A resource consumption issue has been found in libarchive >= 3.2.0 and <=3.3.3, in the _warc_read() function in archive_read_support_format_warm.c. An...
CVE-2018-1000879 AVG-837 Low No Denial of service
A NULL-pointer dereference issue has been found in libarchive >= 3.3.0 and <=3.3.3, in the archive_acl_from_text_l() function in archive_acl.c. An attacker...
CVE-2018-1000878 AVG-837 High No Arbitrary code execution
A use-after-free issue has been found in libarchive >= 3.1.0 and <=3.3.3, in the archive_read_format_rar_read_header() function in...
CVE-2018-1000877 AVG-837 High No Arbitrary code execution
A double-free issue has been found in libarchive >= 3.1.0 and <=3.3.3, in the parse_codes() function in archive_read_support_format_rar.c. An attacker can...