| CVE-2021-36976 |
AVG-2176 |
Medium |
Yes |
Arbitrary code execution |
libarchive has a use-after-free in copy_string (called from do_uncompress_block and process_block). |
| CVE-2019-1000020 |
AVG-837 |
Medium |
No |
Denial of service |
libarchive version >=v2.8.0 contains a CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in ISO9660 parser,... |
| CVE-2019-1000019 |
AVG-837 |
High |
No |
Information disclosure |
libarchive version >=v3.0.2 contains a CWE-125: Out-of-bounds Read vulnerability in 7zip decompression, archive_read_support_format_7zip.c, header_bytes()... |
| CVE-2018-1000880 |
AVG-837 |
High |
No |
Denial of service |
A resource consumption issue has been found in libarchive >= 3.2.0 and <=3.3.3, in the _warc_read() function in archive_read_support_format_warm.c. An... |
| CVE-2018-1000879 |
AVG-837 |
Low |
No |
Denial of service |
A NULL-pointer dereference issue has been found in libarchive >= 3.3.0 and <=3.3.3, in the archive_acl_from_text_l() function in archive_acl.c. An attacker... |
| CVE-2018-1000878 |
AVG-837 |
High |
No |
Arbitrary code execution |
A use-after-free issue has been found in libarchive >= 3.1.0 and <=3.3.3, in the archive_read_format_rar_read_header() function in... |
| CVE-2018-1000877 |
AVG-837 |
High |
No |
Arbitrary code execution |
A double-free issue has been found in libarchive >= 3.1.0 and <=3.3.3, in the parse_codes() function in archive_read_support_format_rar.c. An attacker can... |