bsdtar (AlmaLinux:8) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the AlmaLinux:8 package bsdtar, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (6)
CVE-2022-36227 — CVSS 9.8 (critical): In libarchive before 3.6.2, the software does not check for an error after calling calloc function that can return with a NULL pointer if…
CVE-2021-23177 — CVSS 7.8 (high): An improper link resolution flaw while extracting an archive can lead to changing the access control list (ACL) of the target of the link…
CVE-2021-31566 — CVSS 7.8 (high): An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of…
CVE-2025-5914 — CVSS 7.8 (high): A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This…
CVE-2026-4424 — CVSS 7.5 (high): A flaw was found in libarchive. This heap out-of-bounds read vulnerability exists in the RAR archive processing logic due to improper…
CVE-2026-5121 — CVSS 7.5 (high): A flaw was found in libarchive. On 32-bit systems, an integer overflow vulnerability exists in the zisofs block pointer allocation logic. A…