Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
list_item_verbose in tar/util.c in libarchive through 3.7.7 does not check an strftime return value, which can lead to a denial of service or unspecified other impact via a crafted TAR archive that is read with a verbose value of 2. For example, the 100-byte buffer may not be sufficient for a custom locale.
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
Vulnerability Type
未加检查的返回值
Vulnerability Title
libarchive 安全漏洞
Vulnerability Description
libarchive是libarchive开源的一款多格式存档和压缩库。 libarchive 3.7.7及之前版本存在安全漏洞,该漏洞源于未检查strftime返回值,可能导致拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A