{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-29T07:40:03.272","vulnerabilities":[{"cve":{"id":"CVE-2025-5918","sourceIdentifier":"secalert@redhat.com","published":"2025-06-09T20:15:27.493","lastModified":"2025-08-15T18:35:04.390","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdtar, potentially allowing for reading past the end of the file. This out-of-bounds read can lead to unintended consequences, including unpredictable program behavior, memory corruption, or a denial-of-service condition."},{"lang":"es","value":"Se ha identificado una vulnerabilidad en la librería libarchive. Esta falla puede activarse cuando se canalizan flujos de archivos a bsdtar, lo que podría permitir la lectura más allá del final del archivo. Esta lectura fuera de los límites puede tener consecuencias imprevistas, como un comportamiento impredecible del programa, corrupción de memoria o una condición de denegación de servicio."}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L","baseScore":3.9,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":1.3,"impactScore":2.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H","baseScore":6.6,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.3,"impactScore":5.2}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:libarchive:libarchive:*:*:*:*:*:*:*:*","versionEndExcluding":"3.8.0","matchCriteriaId":"FCC41392-D22A-4BE5-B7E7-DE5D6BA40052"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*","matchCriteriaId":"932D137F-528B-4526-9A89-CD59FA1AB0FE"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","matchCriteriaId":"2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","matchCriteriaId":"142AD0DD-4CF3-4D74-9442-459CE3347E3A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"F4CFF558-3C47-480D-A2F0-BABF26042943"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"}]}]}],"references":[{"url":"https://access.redhat.com/security/cve/CVE-2025-5918","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2370877","source":"secalert@redhat.com","tags":["Issue Tracking"]},{"url":"https://github.com/libarchive/libarchive/pull/2584","source":"secalert@redhat.com","tags":["Patch"]},{"url":"https://github.com/libarchive/libarchive/releases/tag/v3.8.0","source":"secalert@redhat.com","tags":["Release Notes"]}]}}]}