CVE-2015-8928

Опубликовано: 20 сент. 2016

Источник: debian

EPSS Низкий

Описание

The process_add_entry function in archive_read_support_format_mtree.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mtree file.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
libarchive	fixed	3.2.0-2		package
libarchive	not-affected		wheezy	package

Примечания

https://github.com/libarchive/libarchive/issues/550
Fixed by https://github.com/libarchive/libarchive/commit/64d5628

EPSS

Процентиль: 52%

0.00295

Низкий

Связанные уязвимости

CVE-2015-8928

CVSS3: 5.5

ubuntu

почти 9 лет назад

The process_add_entry function in archive_read_support_format_mtree.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mtree file.

CVE-2015-8928

CVSS3: 3.7

redhat

около 9 лет назад

The process_add_entry function in archive_read_support_format_mtree.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mtree file.

CVE-2015-8928

CVSS3: 5.5

nvd

почти 9 лет назад

The process_add_entry function in archive_read_support_format_mtree.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mtree file.

GHSA-3cfr-mv5q-x2vc

CVSS3: 5.5

github

около 3 лет назад

The process_add_entry function in archive_read_support_format_mtree.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mtree file.

openSUSE-SU-2016:2036-1

suse-cvrf

почти 9 лет назад

Security update for libarchive

EPSS

Процентиль: 52%

0.00295

Низкий