Vulnerabilities (CVE)

Filtered by vendor Libarchive Subscribe

Filtered by product Libarchive

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2013-0211	5 Canonical, Fedoraproject, Freebsd and 2 more	5 Ubuntu Linux, Fedora, Freebsd and 2 more	2018-10-30	5.0 MEDIUM	N/A
Integer signedness error in the archive_write_zip_data function in archive_write_set_format_zip.c in libarchive 3.1.2 and earlier, when running on 64-bit machines, allows context-dependent attackers to cause a denial of service (crash) via unspecified vectors, which triggers an improper conversion between unsigned and signed types, leading to a buffer overflow.
CVE-2015-2304	3 Canonical, Libarchive, Opensuse	3 Ubuntu Linux, Libarchive, Opensuse	2018-10-30	6.4 MEDIUM	N/A
Absolute path traversal vulnerability in bsdcpio in libarchive 3.1.2 and earlier allows remote attackers to write to arbitrary files via a full pathname in an archive.