src
src copied to clipboard
MidnightBSD
CVE-2025-5916 (Low) detected in src3.2.3
CVE-2025-5916 - Low Severity Vulnerability
Vulnerable Library - src3.2.3
MidnightBSD OS source code
Library home page: https://github.com/MidnightBSD/src.git
Found in HEAD commit: 816463d989cc5839c1cca2efb5bf2503408507fb
Found in base branch: stable/3.2
Vulnerable Source Files (1)
/contrib/libarchive/libarchive/archive_read_support_format_warc.c
Vulnerability Details
A vulnerability has been identified in the libarchive library. This flaw involves an integer overflow that can be triggered when processing a Web Archive (WARC) file that claims to have more than INT64_MAX - 4 content bytes. An attacker could craft a malicious WARC archive to induce this overflow, potentially leading to unpredictable program behavior, memory corruption, or a denial-of-service condition within applications that process such archives using libarchive.
Publish Date: 2025-06-09
URL: CVE-2025-5916
CVSS 3 Score Details (3.9)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Local
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: Required
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: Low
- Integrity Impact: None
- Availability Impact: Low
Suggested Fix
Type: Upgrade version
Release Date: 2025-06-09
Fix Resolution: https://github.com/libarchive/libarchive.git - v3.8.0
Step up your Open Source Security Game with Mend here
![mend-bolt-for-github[bot] avatar](https://avatars.githubusercontent.com/in/16809?v=4 "Published by a pub.dev verified publisher"){kind=small}