Approved changes feed: RSS · Atom

cpe:2.3:a:n/a:libarchive:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorN/A (22f567d3-1203-528c-8f0e-3eb9c2f6ca78)
ProductLibarchive (118c017f-f2d1-519b-9ab9-70c14320c57b)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2025-1632 vulnerable 2026-06-08 07:08:37.414802 libarchive bsdunzip.c list null pointer dereference
LOW (3.3)
A vulnerability was found in libarchive up to 3.7.7. It has been classified as problematic. This affects the function list of the file bsdunzip.c. The manipulation leads to null pointer dereference. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2025-02-24T13:31:08.871Z
Updated: 2025-02-24T14:25:32.542Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-31566 vulnerable 2026-06-08 05:31:53.686308 Details available
An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. A local attacker may use this flaw to gain more privileges in a system.
Published: 2022-08-23T00:00:00.000Z
Updated: 2024-08-03T23:03:33.486Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-23177 vulnerable 2026-06-08 05:30:02.359180 Details available
An improper link resolution flaw while extracting an archive can lead to changing the access control list (ACL) of the target of the link. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. A local attacker may use this flaw to change the ACL of a file on the system and gain more privileges.
Published: 2022-08-23T00:00:00.000Z
Updated: 2024-08-03T19:05:55.631Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.