VDB

GCVE-110-MAGEIA-2025-102

GCVE-110-MAGEIA-2025-102
Advisory Published
Vulnetix · Advisory published March 17, 2025
list_item_verbose in tar/util.c in libarchive through 3.7.7 does not check an strftime return value, which can lead to a denial of service or unspecified other impact via a crafted TAR archive that is read with a verbose value of 2. For example, the 100-byte buffer may not be sufficient for a custom locale. (CVE-2025-25724

Affected Products

VendorProductVersionsPlatforms
Mageiapython-sslyze5.1.0-1.mga9 (unaffected), 0 (affected)
Mageialibarchive0 (affected), 3.6.2-5.4.mga9 (unaffected), 3.6.2-5.4.mga9 (unaffected), 0 (affected)
Mageiapython-nassl0 (affected), 5.3.1-1.mga9 (unaffected)

Browse GCVE Records

73,442 records in the GCVE database · Updated July 17, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›