CVE-2019-11463
- Source
- https://cve.org/CVERecord?id=CVE-2019-11463
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-11463.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2019-11463
- Published
- 2019-04-23T03:29:00.353Z
- Modified
- 2026-04-11T08:55:45.811563Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
A memory leak in archivereadformatzipcleanup in archivereadsupportformatzip.c in libarchive 3.3.4-dev allows remote attackers to cause a denial of service via a crafted ZIP file because of a HAVELZMAH typo. NOTE: this only affects users who downloaded the development code from GitHub. Users of the product's official releases are unaffected.
- References
Affected packages
Git / github.com/libarchive/libarchive
Database specific
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-11463.json"
vanir_signatures_modified
"2026-04-11T08:55:45Z"
vanir_signatures
[
{
"signature_version": "v1",
"signature_type": "Function",
"source": "https://github.com/libarchive/libarchive/commit/ba641f73f3d758d9032b3f0e5597a9c6e593a505",
"digest": {
"function_hash": "7756515333309930967988121913935002536",
"length": 1062.0
},
"id": "CVE-2019-11463-457a48a0",
"deprecated": false,
"target": {
"file": "libarchive/archive_read_support_format_zip.c",
"function": "archive_read_format_zip_cleanup"
}
},
{
"signature_version": "v1",
"signature_type": "Line",
"source": "https://github.com/libarchive/libarchive/commit/ba641f73f3d758d9032b3f0e5597a9c6e593a505",
"digest": {
"threshold": 0.9,
"line_hashes": [
"281714433212046131149431112604978976357",
"133564199602421433980574568012685770708",
"102926465850718391217945789488812991351",
"25476202388215352787523326248138130929"
]
},
"id": "CVE-2019-11463-ce74e48b",
"deprecated": false,
"target": {
"file": "libarchive/archive_read_support_format_zip.c"
}
}
]