Site icon API Security Blog

K000148646: libarchive vulnerability CVE-2018-1000879

image
Security Advisory Description libarchive version commit 379867ecb330b3a952fb7bfa7bffb7bbd5547205 onwards (release v3.3.0 onwards) contains a CWE-476: NULL Pointer Dereference vulnerability in ACL parser – libarchive/archive_acl.c, archive_acl_from_text_l() that can result in Crash/DoS. This attack appear to be exploitable via the victim must open a specially crafted archive file. (CVE-2018-1000879) Impact There is no impact; F5 products are not affected by this…Read More

Exit mobile version