CVE-2025-1632

Medium CVSS: 4.8

A vulnerability was found in libarchive up to 3.7.7. It has been classified as problematic. This affects the function list of the file bsdunzip.c. The manipulation leads to null pointer dereference. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Vendor

Libarchive

Product

Libarchive

CWE

CWE-404

Yayın Tarihi

2025-02-24 14:15:11

Güncelleme

2025-03-25 15:41:41

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-404 Libarchive MEDIUM Libarchive 2025

Referanslar

https://github.com/Ekkosun/pocs/blob/main/bsdunzip-poc https://vuldb.com/?ctiid.296619 https://vuldb.com/?id.296619 https://vuldb.com/?submit.496460 https://github.com/Ekkosun/pocs/blob/main/bsdunzip-poc

Benzer Kayıtlar

Medium

CVE-2025-60753

An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c whe…

Low

CVE-2025-5916

A vulnerability has been identified in the libarchive library. This flaw involves an integer overflow that can be trigge…

Low

CVE-2025-5917

A vulnerability has been identified in the libarchive library. This flaw involves an 'off-by-one' miscalculation when ha…

Low

CVE-2025-5918

A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped in…

High

CVE-2025-5914

A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data…

Medium

CVE-2025-5915

A vulnerability has been identified in the libarchive library. This flaw can lead to a heap buffer over-read due to the…