OSV-2022-1193

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libarchive/OSV-2022-1193.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2022-1193
Published
2022-11-22T13:02:17.631310Z
Modified
2022-11-22T13:02:17.631547Z
Summary
Heap-buffer-overflow in archive_read_has_encrypted_entries
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53594

Crash type: Heap-buffer-overflow READ 8
Crash state:
archive_read_has_encrypted_entries
libarchive_fuzzer.cc
References

Affected packages

OSS-Fuzz / libarchive

Package

Name
libarchive
Purl
pkg:generic/libarchive

Affected ranges

Type
GIT
Repo
https://github.com/libarchive/libarchive.git
Events
Introduced
fa4b613f2e2510bd036f2eeed2fece97cd18b079
Fixed
45c728b00dce4af6b7f0603df0a0af4bafe6f2ad

Affected versions

v3.*

v3.6.2

Ecosystem specific 

{
    "severity": "MEDIUM"
}