libarchive (AlmaLinux:10) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the AlmaLinux:10 package libarchive, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (5)
CVE-2025-5914 — CVSS 7.8 (high): A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This…
CVE-2026-4111 — CVSS 7.5 (high): A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archive_read_data()…
CVE-2026-4424 — CVSS 7.5 (high): A flaw was found in libarchive. This heap out-of-bounds read vulnerability exists in the RAR archive processing logic due to improper…
CVE-2024-57970 — CVSS 4.0 (medium): libarchive through 3.7.7 has a heap-based buffer over-read in header_gnu_longlink in archive_read_support_format_tar.c via a TAR archive…
CVE-2025-25724 — CVSS 4.0 (medium): list_item_verbose in tar/util.c in libarchive through 3.7.7 does not check an strftime return value, which can lead to a denial of service…