libarchive vulnerabilities

Known vulnerabilities in the libarchive package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
L Heap-based Buffer Overflow	*
L Out-of-bounds Write	*
C Double Free	*
L Integer Overflow or Wraparound	*
L Out-of-bounds Read	*
L CVE-2025-25724	<3.7.4-3
L NULL Pointer Dereference	<3.7.4-2
H CVE-2024-20696	<3.7.4-1.1
H Out-of-bounds Read	<3.7.2-2.1
H Out-of-bounds Read	<3.7.2-2.1
H Out-of-bounds Write	<3.7.2-2.1
L Race Condition	*
C NULL Pointer Dereference	<3.6.2-1
M Out-of-bounds Read	<3.6.2-1
H Link Following	<3.5.2-1
H Link Following	<3.5.2-1
M Use After Free	<3.6.0-1
H Improper Input Validation	<3.4.0-2
M Out-of-bounds Read	<3.4.2-1
H Use After Free	<3.4.0-1
L Out-of-bounds Read	<3.3.3-4
L Loop with Unreachable Exit Condition ('Infinite Loop')	<3.3.3-4
H Double Free	<3.3.3-2
M NULL Pointer Dereference	<3.3.3-2
H Use After Free	<3.3.3-2
M Out-of-Bounds	<3.3.3-2
M Out-of-bounds Read	<3.2.2-4.1
H Out-of-bounds Read	<3.2.2-4.1
M Out-of-bounds Read	<3.2.2-4.2
M Out-of-bounds Read	<3.2.2-3.1
M Out-of-Bounds	<3.2.2-3.1
M Out-of-Bounds	<3.2.2-3.1
L NULL Pointer Dereference	<3.2.2-3.1
H Out-of-bounds Read	<3.2.1-5
M Out-of-bounds Read	<3.2.1-5
H Out-of-Bounds	<3.2.1-5
H Out-of-bounds Read	<3.2.1-6
H Out-of-Bounds	<3.2.1-1
M Resource Management Errors	<3.2.0-2
H Integer Overflow or Wraparound	<3.2.1-1
H Out-of-Bounds	<3.2.1-1
L Integer Overflow or Wraparound	<3.2.1-1
M Integer Overflow or Wraparound	<3.2.1-1
H Improper Input Validation	<3.2.1-1
H Improper Input Validation	<3.2.1-4
H Out-of-Bounds	<3.2.0-2
M NULL Pointer Dereference	<3.2.0-2
M Out-of-bounds Read	<3.2.1-1
M Out-of-bounds Read	<3.2.0-2
L Out-of-bounds Read	<3.2.0-2
M Out-of-Bounds	<3.2.0-2
M Integer Overflow or Wraparound	<3.2.0-2
M Out-of-bounds Read	<3.2.0-2
M Out-of-bounds Read	<3.2.0-2
H Out-of-bounds Read	<3.2.0-2
M NULL Pointer Dereference	<3.2.0-2
H NULL Pointer Dereference	<3.2.0-2
M Improper Input Validation	<3.2.0-2
H Improper Input Validation	<3.2.0-2
H Integer Overflow or Wraparound	<3.2.0-2
M Improper Input Validation	<3.2.0-2
M NULL Pointer Dereference	<3.2.0-2
M Out-of-bounds Read	<3.2.0-2
M Out-of-bounds Read	<3.2.0-2
H Improper Input Validation	<3.1.2-11.1
M Directory Traversal	<3.1.2-11
M Numeric Errors	<3.0.4-3
M Out-of-Bounds	<2.8.5-5
H Out-of-Bounds	<3.0.4-2
M Out-of-Bounds	<2.8.5-5
H Resource Management Errors	<3.0.4-2
L CVE-2007-3645	<2.2.4-1
L CVE-2007-3641	<2.2.4-1
L CVE-2007-3644	<2.2.4-1
L CVE-2006-5680	<1.3.1-1

Vulnerability

Vulnerable Version

Heap-based Buffer Overflow