HIGH7.3
Уязвимость библиотеки Libarchive операционной системы Windows, позволяющая нарушителю выполнить произвольный код
CVSS 3.xHIGH 7.3
CVSS:3.x/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:HCVSS 2.0MEDIUM 6.8
CVSS:2.0/AV:L/AC:L/Au:S/C:C/I:C/A:CReferences
ALT-PU-2024-17244-2Package update libarchive in branch p10_e2k
Severity:
Closed issues (4)
HIGH7.8
Уязвимость библиотеки архивирования libarchive операционных систем Windows, позволяющая нарушителю выполнить произвольный код
CVSS 3.xHIGH 7.8
CVSS:3.x/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HCVSS 2.0HIGH 7.2
CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:CReferences
HIGH7.3
Windows libarchive Remote Code Execution Vulnerability
CVSS 3.xHIGH 7.3
CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:HReferences
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20696
- https://clearbluejar.github.io/posts/patch-tuesday-diffing-cve-2024-20696-windows-libarchive-rce/
- https://github.com/clearbluejar/CVE-2024-20696
- https://lists.debian.org/debian-lts-announce/2024/11/msg00007.html
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20696
HIGH7.8
Libarchive Remote Code Execution Vulnerability
CVSS 3.xHIGH 7.8
CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HReferences
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26256
- http://www.openwall.com/lists/oss-security/2024/06/04/2
- http://www.openwall.com/lists/oss-security/2024/06/05/1
- https://github.com/LeSuisse/nixpkgs/commit/81b82a2934521dffef76f7ca305d8d4e22fe7262
- https://github.com/libarchive/libarchive/commit/eb7939b24a681a04648a59cdebd386b1e9dc9237.patch
- https://github.com/libarchive/libarchive/releases/tag/v3.7.4
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EWANFZ6NEMXFCALXWI2AFKYBOLONAVFC/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TWAMR5TY47UKVYMWQXB34CWSBNTRYMBV/
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26256
- https://www.openwall.com/lists/oss-security/2024/06/04/2