Libarchive
Approved changes feed: RSS · Atom
cpe:2.3:a:n/a:libarchive:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | N/A (22f567d3-1203-528c-8f0e-3eb9c2f6ca78) |
|---|---|
| Product | Libarchive (118c017f-f2d1-519b-9ab9-70c14320c57b) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-1632 |
vulnerable | 2026-06-08 07:08:37.414802 |
libarchive bsdunzip.c list null pointer dereference
LOW (3.3)
A vulnerability was found in libarchive up to 3.7.7. It has been classified as problematic. This affects the function list of the file bsdunzip.c. The manipulation leads to null pointer dereference. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2025-02-24T13:31:08.871Z
Updated: 2025-02-24T14:25:32.542Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-31566 |
vulnerable | 2026-06-08 05:31:53.686308 |
Details available
An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. A local attacker may use this flaw to gain more privileges in a system.
Published: 2022-08-23T00:00:00.000Z
Updated: 2024-08-03T23:03:33.486Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-23177 |
vulnerable | 2026-06-08 05:30:02.359180 |
Details available
An improper link resolution flaw while extracting an archive can lead to changing the access control list (ACL) of the target of the link. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. A local attacker may use this flaw to change the ACL of a file on the system and gain more privileges.
Published: 2022-08-23T00:00:00.000Z
Updated: 2024-08-03T19:05:55.631Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.