0.001 Low
EPSS
Percentile
32.7%
In Libarchive 3.4.0, archive_wstring_append_from_mbs in archive_string.c has an out-of-bounds read because of an incorrect mbrtowc or mbtowc call. For example, bsdtar crashes via a crafted archive.
bugzilla.redhat.com/show_bug.cgi?id=1801635
nvd.nist.gov/vuln/detail/CVE-2019-19221
www.cve.org/CVERecord?id=CVE-2019-19221