CVE-2025-25724

ADVISORY - nist

Summary

list_item_verbose in tar/util.c in libarchive through 3.7.7 does not check an strftime return value, which can lead to a denial of service or unspecified other impact via a crafted TAR archive that is read with a verbose value of 2. For example, the 100-byte buffer may not be sufficient for a custom locale.

EPSS Score⁠: 0.00013 (0.016)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-252⁠

Unchecked Return Value

ADVISORY - redhat

CWE-252⁠

Unchecked Return Value

Impacted images

Advisories

NIST

CREATED

10 months ago

UPDATED

6 months ago

ADVISORY IDCVE-2025-25724⁠

EXPLOITABILITY SCORE

1.4

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-252⁠

CVSS SCORE

4medium

Alpine

CREATED

9 months ago

UPDATED

2 months ago

ADVISORY IDCVE-2025-25724⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Debian

CREATED

10 months ago

UPDATED

8 days ago

ADVISORY IDCVE-2025-25724⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Ubuntu

CREATED

10 months ago

UPDATED

6 months ago

ADVISORY IDCVE-2025-25724⁠

EXPLOITABILITY SCORE

1.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

7.8medium

Alma

CREATED

7 months ago

UPDATED

6 months ago

ADVISORY IDALSA-2025:9431⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Red Hat

CREATED

10 months ago

UPDATED

2 days ago

ADVISORY IDCVE-2025-25724⁠

EXPLOITABILITY SCORE

1.4

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-252⁠

CVSS SCORE

4medium

Rocky

CREATED

3 months ago

UPDATED

3 months ago

ADVISORY IDRLSA-2025:9420⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Rocky

CREATED

3 months ago

UPDATED

3 months ago

ADVISORY IDRLSA-2025:9431⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Oracle

CREATED

6 months ago

UPDATED

6 months ago

ADVISORY IDELSA-2025-9420⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Oracle

CREATED

7 months ago

UPDATED

7 months ago

ADVISORY IDELSA-2025-9431⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Chainguard

CREATED

10 months ago

UPDATED

10 months ago

ADVISORY ID

CGA-m8v2-4459-jppx

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Photon

CREATED

10 months ago

UPDATED

4 months ago

ADVISORY ID

CVE-2025-25724

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

7.8high

minimos

CREATED

10 months ago

UPDATED

10 months ago

ADVISORY ID

MINI-95fg-pv3f-v6h7

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY