mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-06-01 11:11:27 +00:00
32 lines
1.2 KiB
JSON
32 lines
1.2 KiB
JSON
{
|
|
"id": "CVE-2024-37407",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2024-06-08T13:15:58.337",
|
|
"lastModified": "2024-06-10T02:52:08.267",
|
|
"vulnStatus": "Awaiting Analysis",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Libarchive before 3.7.4 allows name out-of-bounds access when a ZIP archive has an empty-name file and mac-ext is enabled. This occurs in slurp_central_directory in archive_read_support_format_zip.c."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Libarchive anterior a 3.7.4 permite el acceso a nombres fuera de los l\u00edmites cuando un archivo ZIP tiene un archivo con nombre vac\u00edo y mac-ext est\u00e1 habilitado. Esto ocurre en slurp_central_directory en archive_read_support_format_zip.c."
|
|
}
|
|
],
|
|
"metrics": {},
|
|
"references": [
|
|
{
|
|
"url": "https://github.com/libarchive/libarchive/commit/b6a979481b7d77c12fa17bbed94576b63bbcb0c0",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://github.com/libarchive/libarchive/pull/2145",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://github.com/libarchive/libarchive/releases/tag/v3.7.4",
|
|
"source": "cve@mitre.org"
|
|
}
|
|
]
|
|
} |