- Description
- list_item_verbose in tar/util.c in libarchive through 3.7.7 does not check an strftime return value, which can lead to a denial of service or unspecified other impact via a crafted TAR archive that is read with a verbose value of 2. For example, the 100-byte buffer may not be sufficient for a custom locale.
- Source
- cve@mitre.org
- NVD status
- Received
CVSS 3.1
- Type
- Secondary
- Base score
- 4
- Impact score
- 2.5
- Exploitability score
- 1.4
- Vector string
- CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
- Severity
- MEDIUM
- cve@mitre.org
- CWE-252
- Hype score
- Not currently trending
๐จ CVE-2025-25724 ๐ MEDIUM (4) ๐ข libarchive - libarchive ๐๏ธ 0 ๐ https://t.co/8p1AbqkOS2 ๐ https://t.co/4LjRIvs8ag ๐ https://t.co/Z9ZSICpDp6 #CyberCron #VulnAlert #InfoSec https://t.co/qF74m0RKPR
@cybercronai
2 Mar 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-25724 list_item_verbose in tar/util.c in libarchive through 3.7.7 does not check an strftime return value, which can lead to a denial of service or unspecified other impactโฆ https://t.co/hA5Miy9eNL
@CVEnew
2 Mar 2025
52 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes