Msrc Cbl2 Libarchive 3.6.1-4 On Cbl Mariner 2.0 vulnerabilities
2 known vulnerabilities affecting msrc/cbl2_libarchive_3.6.1-4_on_cbl_mariner_2.0.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2
Vulnerabilities
Page 1 of 1
CVE-2024-48957HIGHCVSS 7.82024-10-08
CVE-2024-48957 [HIGH] CWE-125 execute_filter_audio in archive_read_support_format_rar.c in libarchive before 3.7.5 allows out-of-bounds access via a crafted archive file because src can move beyond dst.
execute_filter_audio in archive_read_support_format_rar.c in libarchive before 3.7.5 allows out-of-bounds access via a crafted archive file because src can move beyond dst.
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected
msrc
CVE-2024-48958HIGHCVSS 7.82024-10-08
CVE-2024-48958 [HIGH] CWE-125 execute_filter_delta in archive_read_support_format_rar.c in libarchive before 3.7.5 allows out-of-bounds access via a crafted archive file because src can move beyond dst.
execute_filter_delta in archive_read_support_format_rar.c in libarchive before 3.7.5 allows out-of-bounds access via a crafted archive file because src can move beyond dst.
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected
msrc