libarchive (SUSE:Linux Enterprise Software Development Kit 12 SP3) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Software Development Kit 12 SP3 package libarchive, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (7)
CVE-2017-14502 — CVSS 7.5 (high): read_header in archive_read_support_format_rar.c in libarchive 3.3.2 suffers from an off-by-one error for UTF-16 names in RAR archives…
CVE-2017-14166 — CVSS 6.5 (medium): libarchive 3.3.2 allows remote attackers to cause a denial of service (xml_data heap-based buffer over-read and application crash) via a…
CVE-2017-14501 — CVSS 6.5 (medium): An out-of-bounds read flaw exists in parse_file_info in archive_read_support_format_iso9660.c in libarchive 3.3.2 when extracting a…
CVE-2017-14503 — CVSS 6.5 (medium): libarchive 3.3.2 suffers from an out-of-bounds read within lha_read_data_none() in archive_read_support_format_lha.c when extracting a…
CVE-2016-10349 — CVSS 5.5 (medium): The archive_le32dec function in archive_endian.h in libarchive 3.2.2 allows remote attackers to cause a denial of service (heap-based…
CVE-2016-10350 — CVSS 5.5 (medium): The archive_read_format_cab_read_header function in archive_read_support_format_cab.c in libarchive 3.2.2 allows remote attackers to cause…
CVE-2016-10209 — CVSS 5.5 (medium): The archive_wstring_append_from_mbs function in archive_string.c in libarchive 3.2.2 allows remote attackers to cause a denial of service…