VDB
GCVE-110-MAGEIA-2025-102
GCVE-110-MAGEIA-2025-102
Advisory Published
list_item_verbose in tar/util.c in libarchive through 3.7.7 does not
check an strftime return value, which can lead to a denial of service or
unspecified other impact via a crafted TAR archive that is read with a
verbose value of 2. For example, the 100-byte buffer may not be
sufficient for a custom locale. (CVE-2025-25724
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | python-sslyze | 5.1.0-1.mga9 (unaffected), 0 (affected) | — |
| Mageia | libarchive | 0 (affected), 3.6.2-5.4.mga9 (unaffected), 3.6.2-5.4.mga9 (unaffected), 0 (affected) | — |
| Mageia | python-nassl | 0 (affected), 5.3.1-1.mga9 (unaffected) | — |
Aliases
References
Browse GCVE Records
73,442 records in the GCVE database · Updated July 17, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.