Vulnerability Database
Blog
FAQ
Docs
CVE-2024-20696
See a problem?
Please try reporting it
to the source
first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-20696
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-20696.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-20696
Related
DLA-3950-1
DSA-5806-1
SUSE-SU-2024:2081-1
SUSE-SU-2024:2082-1
SUSE-SU-2024:2083-1
SUSE-SU-2024:2171-1
SUSE-SU-2024:2171-2
UBUNTU-CVE-2024-20696
USN-7087-1
openSUSE-SU-2024:14378-1
Published
2024-01-09T18:15:52Z
Modified
2024-12-05T15:39:22.972124Z
Severity
7.3 (High)
CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
CVSS Calculator
Summary
[none]
Details
Windows Libarchive Remote Code Execution Vulnerability
References
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20696
https://security.alpinelinux.org/vuln/CVE-2024-20696
https://security-tracker.debian.org/tracker/CVE-2024-20696
Affected packages
Alpine:v3.17
/
libarchive
Package
Name
libarchive
Purl
pkg:apk/alpine/libarchive?arch=source
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
3.7.5-r0
Affected versions
2.*
2.8.4-r0
2.8.4-r1
2.8.4-r2
2.8.5-r0
3.*
3.0.2-r0
3.0.3-r0
3.0.4-r0
3.1.2-r0
3.1.2-r1
3.1.2-r2
3.2.0-r0
3.2.1-r0
3.2.1-r1
3.2.2-r0
3.2.2-r1
3.3.1-r0
3.3.1-r1
3.3.2-r0
3.3.2-r1
3.3.2-r2
3.3.2-r3
3.3.2-r4
3.3.3-r0
3.4.0-r0
3.4.1-r0
3.4.2-r0
3.4.3-r0
3.5.0-r0
3.5.1-r0
3.5.2-r0
3.5.2-r1
3.5.2-r2
3.6.0-r0
3.6.1-r0
3.6.1-r1
3.6.1-r2
3.7.2-r0
3.7.2-r1
3.7.4-r0
Alpine:v3.18
/
libarchive
Package
Name
libarchive
Purl
pkg:apk/alpine/libarchive?arch=source
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
3.7.5-r0
Affected versions
2.*
2.8.4-r0
2.8.4-r1
2.8.4-r2
2.8.5-r0
3.*
3.0.2-r0
3.0.3-r0
3.0.4-r0
3.1.2-r0
3.1.2-r1
3.1.2-r2
3.2.0-r0
3.2.1-r0
3.2.1-r1
3.2.2-r0
3.2.2-r1
3.3.1-r0
3.3.1-r1
3.3.2-r0
3.3.2-r1
3.3.2-r2
3.3.2-r3
3.3.2-r4
3.3.3-r0
3.4.0-r0
3.4.1-r0
3.4.2-r0
3.4.3-r0
3.5.0-r0
3.5.1-r0
3.5.2-r0
3.5.2-r1
3.5.2-r2
3.6.0-r0
3.6.1-r0
3.6.1-r1
3.6.1-r2
3.6.2-r0
3.6.2-r1
3.6.2-r2
3.7.2-r0
3.7.2-r1
3.7.4-r0
Alpine:v3.19
/
libarchive
Package
Name
libarchive
Purl
pkg:apk/alpine/libarchive?arch=source
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
3.7.5-r0
Affected versions
2.*
2.8.4-r0
2.8.4-r1
2.8.4-r2
2.8.5-r0
3.*
3.0.2-r0
3.0.3-r0
3.0.4-r0
3.1.2-r0
3.1.2-r1
3.1.2-r2
3.2.0-r0
3.2.1-r0
3.2.1-r1
3.2.2-r0
3.2.2-r1
3.3.1-r0
3.3.1-r1
3.3.2-r0
3.3.2-r1
3.3.2-r2
3.3.2-r3
3.3.2-r4
3.3.3-r0
3.4.0-r0
3.4.1-r0
3.4.2-r0
3.4.3-r0
3.5.0-r0
3.5.1-r0
3.5.2-r0
3.5.2-r1
3.5.2-r2
3.6.0-r0
3.6.1-r0
3.6.1-r1
3.6.1-r2
3.6.2-r0
3.6.2-r1
3.6.2-r2
3.6.2-r3
3.7.0-r0
3.7.1-r0
3.7.2-r0
3.7.2-r1
3.7.4-r0
Alpine:v3.20
/
libarchive
Package
Name
libarchive
Purl
pkg:apk/alpine/libarchive?arch=source
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
3.7.5-r0
Affected versions
2.*
2.8.4-r0
2.8.4-r1
2.8.4-r2
2.8.5-r0
3.*
3.0.2-r0
3.0.3-r0
3.0.4-r0
3.1.2-r0
3.1.2-r1
3.1.2-r2
3.2.0-r0
3.2.1-r0
3.2.1-r1
3.2.2-r0
3.2.2-r1
3.3.1-r0
3.3.1-r1
3.3.2-r0
3.3.2-r1
3.3.2-r2
3.3.2-r3
3.3.2-r4
3.3.3-r0
3.4.0-r0
3.4.1-r0
3.4.2-r0
3.4.3-r0
3.5.0-r0
3.5.1-r0
3.5.2-r0
3.5.2-r1
3.5.2-r2
3.6.0-r0
3.6.1-r0
3.6.1-r1
3.6.1-r2
3.6.2-r0
3.6.2-r1
3.6.2-r2
3.6.2-r3
3.7.0-r0
3.7.1-r0
3.7.2-r0
3.7.2-r1
3.7.3-r0
3.7.4-r0
Alpine:v3.21
/
libarchive
Package
Name
libarchive
Purl
pkg:apk/alpine/libarchive?arch=source
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
3.7.5-r0
Affected versions
2.*
2.8.4-r0
2.8.4-r1
2.8.4-r2
2.8.5-r0
3.*
3.0.2-r0
3.0.3-r0
3.0.4-r0
3.1.2-r0
3.1.2-r1
3.1.2-r2
3.2.0-r0
3.2.1-r0
3.2.1-r1
3.2.2-r0
3.2.2-r1
3.3.1-r0
3.3.1-r1
3.3.2-r0
3.3.2-r1
3.3.2-r2
3.3.2-r3
3.3.2-r4
3.3.3-r0
3.4.0-r0
3.4.1-r0
3.4.2-r0
3.4.3-r0
3.5.0-r0
3.5.1-r0
3.5.2-r0
3.5.2-r1
3.5.2-r2
3.6.0-r0
3.6.1-r0
3.6.1-r1
3.6.1-r2
3.6.2-r0
3.6.2-r1
3.6.2-r2
3.6.2-r3
3.7.0-r0
3.7.1-r0
3.7.2-r0
3.7.2-r1
3.7.3-r0
3.7.4-r0
Debian:11
/
libarchive
Package
Name
libarchive
Purl
pkg:deb/debian/libarchive?arch=source
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
3.4.3-2+deb11u2
Affected versions
3.*
3.4.3-2
3.4.3-2+deb11u1
Ecosystem specific
{ "urgency": "not yet assigned" }
Debian:12
/
libarchive
Package
Name
libarchive
Purl
pkg:deb/debian/libarchive?arch=source
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
3.6.2-1+deb12u2
Affected versions
3.*
3.6.2-1
3.6.2-1+deb12u1
Ecosystem specific
{ "urgency": "not yet assigned" }
Debian:13
/
libarchive
Package
Name
libarchive
Purl
pkg:deb/debian/libarchive?arch=source
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
3.7.4-1.1
Affected versions
3.*
3.6.2-1
3.7.2-1
3.7.2-1.1~exp1
3.7.2-1.1
3.7.2-2
3.7.2-2.1
3.7.4-1
Ecosystem specific
{ "urgency": "not yet assigned" }
CVE-2024-20696 - OSV