Vulnerabilities > CVE-2024-0406

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

mholt

redhat

NVD

Published: 2024-04-06

Updated: 2025-04-25

Summary

A flaw was discovered in the mholt/archiver package. This flaw allows an attacker to create a specially crafted tar file, which, when unpacked, may allow access to restricted files or directories. This issue can allow the creation or overwriting of files with the user's or application's privileges using the library.

Vulnerable Configurations

Part	Description	Count
Application	Mholt Mholt Archiver 3.0.0 Mholt Archiver 3.0.1 Mholt Archiver 3.1.0 Mholt Archiver 3.1.1 Mholt Archiver 3.2.0 Mholt Archiver 3.3.0 Mholt Archiver 3.3.1 Mholt Archiver 3.3.2 Mholt Archiver 3.4.0 Mholt Archiver 3.5.0 Mholt Archiver 3.5.1	11
Application	Redhat Redhat Advanced Cluster Security 3.0 Redhat Openshift Container Platform 4.18 Redhat Openshift Container Platform 4.18.1 Redhat Openshift Container Platform 4.18.2 Redhat Openshift Container Platform 4.18.3	5

Vulnerabilities > CVE-2024-0406 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2024-0406"}]}

Summary

Vulnerable Configurations

References

Vulnerabilities > CVE-2024-0406