CVE-2017-11125

CRITICAL

xar 1.6.1 - NULL Pointer Dereference in xar_get_path

Title source: llm
STIX 2.1

Description

libxar.so in xar 1.6.1 has a NULL pointer dereference in the xar_get_path function in util.c.

Scores

CVSS v3 9.8
EPSS 0.0193
EPSS Percentile 77.6%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-476
Status published
Products (1)
xar_project/xar 1.6.1
Published Jul 10, 2017
Tracked Since Feb 18, 2026