Search CVE reports


Toggle filters

51 – 60 of 90 results


CVE-2016-5418

Medium priority
Fixed

The sandboxing code in libarchive 3.2.0 and earlier mishandles hardlink archive entries of non-zero data size, which might allow remote attackers to write to arbitrary files via a crafted archive file.

1 affected package

libarchive

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libarchive
Show less packages

CVE-2016-4809

Low priority
Fixed

The archive_read_format_cpio_read_header function in archive_read_support_format_cpio.c in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a CPIO archive with a large symlink.

1 affected package

libarchive

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libarchive
Show less packages

CVE-2016-4302

Medium priority
Fixed

Heap-based buffer overflow in the parse_codes function in archive_read_support_format_rar.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a RAR file with a zero-sized dictionary.

1 affected package

libarchive

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libarchive
Show less packages

CVE-2016-4301

Medium priority
Not affected

Stack-based buffer overflow in the parse_device function in archive_read_support_format_mtree.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a crafted mtree file.

1 affected package

libarchive

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libarchive
Show less packages

CVE-2016-4300

Medium priority
Fixed

Integer overflow in the read_SubStreamsInfo function in archive_read_support_format_7zip.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a 7zip file with a large number of substreams, which...

1 affected package

libarchive

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libarchive
Show less packages

CVE-2016-1541

Medium priority
Fixed

Heap-based buffer overflow in the zip_read_mac_metadata function in archive_read_support_format_zip.c in libarchive before 3.2.0 allows remote attackers to execute arbitrary code via crafted entry-size values in a ZIP archive.

1 affected package

libarchive

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libarchive
Show less packages

CVE-2016-10350

Low priority

Some fixes available 2 of 5

The archive_read_format_cab_read_header function in archive_read_support_format_cab.c in libarchive 3.2.2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.

1 affected package

libarchive

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libarchive Not affected
Show less packages

CVE-2016-10349

Low priority

Some fixes available 2 of 5

The archive_le32dec function in archive_endian.h in libarchive 3.2.2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.

1 affected package

libarchive

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libarchive Not affected
Show less packages

CVE-2016-10209

Low priority

Some fixes available 2 of 5

The archive_wstring_append_from_mbs function in archive_string.c in libarchive 3.2.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted archive file.

1 affected package

libarchive

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libarchive Not affected
Show less packages

CVE-2015-8934

Medium priority
Fixed

The copy_from_lzss_window function in archive_read_support_format_rar.c in libarchive 3.2.0 and earlier allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted rar file.

1 affected package

libarchive

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libarchive
Show less packages