Xar Project Xar vulnerabilities
4 known vulnerabilities affecting xar_project/xar.
Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL3MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2017-11124CRITICALCVSS 9.8v1.6.12017-07-10
CVE-2017-11124 [CRITICAL] CWE-476 CVE-2017-11124: libxar.so in xar 1.6.1 has a NULL pointer dereference in the xar_unserialize function in archive.c.
libxar.so in xar 1.6.1 has a NULL pointer dereference in the xar_unserialize function in archive.c.
nvdosv
CVE-2017-11125CRITICALCVSS 9.8v1.6.12017-07-10
CVE-2017-11125 [CRITICAL] CWE-476 CVE-2017-11125: libxar.so in xar 1.6.1 has a NULL pointer dereference in the xar_get_path function in util.c.
libxar.so in xar 1.6.1 has a NULL pointer dereference in the xar_get_path function in util.c.
nvdosv
CVE-2010-3798MEDIUMCVSS 6.8≥ 0, < 1.8.0.498-12010-11-16
CVE-2010-3798 [MEDIUM] CVE-2010-3798: Heap-based buffer overflow in xar in Apple Mac OS X 10
Heap-based buffer overflow in xar in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted xar archive.
osv
CVE-2010-0055CRITICALCVSS 10.0≥ 0, < 1.8.0.498-12010-03-30
CVE-2010-0055 [CRITICAL] CVE-2010-0055: xar in Apple Mac OS X 10
xar in Apple Mac OS X 10.5.8 does not properly validate package signatures, which allows attackers to have an unspecified impact via a modified package.
osv