7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.3 High
AI Score
Confidence
High
0.005 Low
EPSS
Percentile
77.4%
A flaw was found in the libarchive library. A heap-based buffer overflow in the execute_filter_e8 function in the libarchive/archive_read_support_format_rar.c file can be triggered when a specially crafted RAR archive is processed, causing a crash to the application linked to the library and resulting in a denial of service.
bugzilla.redhat.com/show_bug.cgi?id=2290445
github.com/advisories/GHSA-w6xv-37jv-7cjr
github.com/libarchive/libarchive/pull/2135
nvd.nist.gov/vuln/detail/CVE-2024-20697
www.cve.org/CVERecord?id=CVE-2024-20697
www.zerodayinitiative.com/blog/2024/4/17/cve-2024-20697-windows-libarchive-remote-code-execution-vulnerability
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.3 High
AI Score
Confidence
High
0.005 Low
EPSS
Percentile
77.4%