Vulnerabilities > Libarchive > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-06-08 CVE-2024-37407 Out-of-bounds Read vulnerability in Libarchive
Libarchive before 3.7.4 allows name out-of-bounds access when a ZIP archive has an empty-name file and mac-ext is enabled.
network
low complexity
libarchive CWE-125
critical
9.1
2022-11-22 CVE-2022-36227 NULL Pointer Dereference vulnerability in multiple products
In libarchive before 3.6.2, the software does not check for an error after calling calloc function that can return with a NULL pointer if the function fails, which leads to a resultant NULL pointer dereference.
network
low complexity
libarchive debian fedoraproject splunk CWE-476
critical
9.8