VDB
DEBIAN-CVE-2025-5918
DEBIAN-CVE-2025-5918
PUBLISHED
CVSS 6.599999904632568 MEDIUM
A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdtar, potentially allowing for reading past the end of the file. This out-of-bounds read can lead to unintended consequences, including unpredictable program behavior, memory corruption, or a denial-of-service condition.
Risk Scores
CVSS v3.1
6.599999904632568
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:12 | libarchive | *, 3.6.2-1+deb12u3, 3.7.2-1 |
| Debian:11 | libarchive | 3.4.3-2, 3.4.3-2+deb11u1, 3.4.3-2+deb11u2 |
| Debian:13 | libarchive | 3.8.4-1, 3.8.7-1, 0 |
| Debian:14 | libarchive | 3.7.4-4, 0, 3.7.4-4 |
Timeline
- Jun 9, 2025 CVE Published
- May 16, 2026 CVE Updated