Описание
libarchive before 3.2.0 does not limit the number of recursive decompressions, which allows remote attackers to cause a denial of service (memory consumption and application crash) via a crafted gzip file.
A vulnerability was found in libarchive. A specially crafted gzip file can cause libarchive to allocate memory without limit, eventually leading to a crash.
Дополнительная информация
Статус:
EPSS
3.5 Low
CVSS3
3.5 Low
CVSS2
Связанные уязвимости
libarchive before 3.2.0 does not limit the number of recursive decompressions, which allows remote attackers to cause a denial of service (memory consumption and application crash) via a crafted gzip file.
libarchive before 3.2.0 does not limit the number of recursive decompressions, which allows remote attackers to cause a denial of service (memory consumption and application crash) via a crafted gzip file.
libarchive before 3.2.0 does not limit the number of recursive decompr ...
libarchive before 3.2.0 does not limit the number of recursive decompressions, which allows remote attackers to cause a denial of service (memory consumption and application crash) via a crafted gzip file.
Уязвимость библиотеки libarchive, существующая из-за ошибки управления ресурсами, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
3.5 Low
CVSS3
3.5 Low
CVSS2