0.013 Low
EPSS
Percentile
85.7%
libarchive.so is vulnerable to heap-based buffer over-read. The vulnerability can be triggered when an attacker input a malicious file to the archive_le32dec function in archive_endian.h.
archive_le32dec
archive_endian.h
github.com/libarchive/libarchive/blob/3649ed23c6b4392d692580c03b10a611e3eaaa32/libarchive/archive_endian.h#L115
github.com/libarchive/libarchive/issues/834