Search

Search is not available in local development.
Run npx pagefind --site __site after building to enable it.

JLSEC-2025-234

libarchive 3.4.1 through 3.5.1 has a use-after-free in copy_string (called from do_uncompress_block ...

Source Edit History OSV JSON (OSV)

JLSEC Published: Nov 25, 2025
Modified: Apr 20, 2026
Affected Packages: LibArchive_jll < 3.7.4+0
Aliases / Upstream: CVE-2021-36976

libarchive 3.4.1 through 3.5.1 has a use-after-free in copystring (called from douncompressblock and processblock).

References