| ID |
CVE-2025-25724
|
| Sažetak |
list_item_verbose in tar/util.c in libarchive through 3.7.7 does not check an strftime return value, which can lead to a denial of service or unspecified other impact via a crafted TAR archive that is read with a verbose value of 2. For example, the 100-byte buffer may not be sufficient for a custom locale. |
| Reference |
|
| CVSS |
| Base: | 4.0 |
| Impact: | 2.5 |
| Exploitability: | 1.4 |
|
| Pristup |
| Vektor | Složenost | Autentikacija |
| LOCAL |
HIGH |
NONE |
|
| Impact |
| Povjerljivost | Cjelovitost | Dostupnost |
| NONE |
LOW |
LOW |
|
| CVSS vektor |
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L |
| Zadnje važnije ažuriranje |
17-07-2025 - 15:56 |
| Objavljeno |
02-03-2025 - 02:15 |
