{"id":"JLSEC-2025-239","summary":"Libarchive Remote Code Execution Vulnerability","details":"Libarchive Remote Code Execution Vulnerability","modified":"2025-11-25T22:18:14.054571Z","published":"2025-11-25T22:03:17.636Z","upstream":["CVE-2024-26256"],"database_specific":{"license":"CC-BY-4.0","sources":[{"imported":"2025-11-25T21:58:26.865Z","published":"2024-04-09T17:15:47.507Z","modified":"2025-01-08T16:03:05.373Z","url":"https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2024-26256","id":"CVE-2024-26256","html_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-26256"}]},"references":[{"type":"WEB","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26256"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2024/06/04/2"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2024/06/05/1"},{"type":"WEB","url":"https://github.com/LeSuisse/nixpkgs/commit/81b82a2934521dffef76f7ca305d8d4e22fe7262"},{"type":"WEB","url":"https://github.com/libarchive/libarchive/commit/eb7939b24a681a04648a59cdebd386b1e9dc9237.patch"},{"type":"WEB","url":"https://github.com/libarchive/libarchive/releases/tag/v3.7.4"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EWANFZ6NEMXFCALXWI2AFKYBOLONAVFC/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TWAMR5TY47UKVYMWQXB34CWSBNTRYMBV/"},{"type":"WEB","url":"https://www.openwall.com/lists/oss-security/2024/06/04/2"}],"affected":[{"package":{"name":"LibArchive_jll","ecosystem":"Julia","purl":"pkg:julia/LibArchive_jll?uuid=1e303b3e-d4db-56ce-88c4-91e52606a1a8"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"3.7.4+0"}]}],"database_specific":{"source":"https://github.com/JuliaLang/SecurityAdvisories.jl/tree/generated/osv/2025/JLSEC-2025-239.json"}}],"schema_version":"1.7.3"}