CVE-2025-60753

ADVISORY - nist

Summary

An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).

EPSS Score⁠: 0.00033 (0.093)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-400⁠

Uncontrolled Resource Consumption

CWE-835⁠

Loop with Unreachable Exit Condition ('Infinite Loop')

ADVISORY - redhat

(CWE-400|CWE-835)⁠

Impacted images

Advisories

NIST

CREATED

4 months ago

UPDATED

1 month ago

ADVISORY IDCVE-2025-60753⁠

EXPLOITABILITY SCORE

1.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-400⁠CWE-835⁠

CVSS SCORE

5.5medium

Debian

CREATED

4 months ago

UPDATED

17 days ago

ADVISORY IDCVE-2025-60753⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Ubuntu

CREATED

4 months ago

UPDATED

2 months ago

ADVISORY IDCVE-2025-60753⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Red Hat

CREATED

4 months ago

UPDATED

2 months ago

ADVISORY IDCVE-2025-60753⁠

EXPLOITABILITY SCORE

1.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

(CWE-400|CWE-835)⁠

CVSS SCORE

5.5medium

Photon

CREATED

4 months ago

UPDATED

4 months ago

ADVISORY ID

CVE-2025-60753

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

5.5medium

minimos

CREATED

30 days ago

UPDATED

30 days ago

ADVISORY ID

MINI-8r8r-8wqc-c7x4

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY