CVE-2024-20697

Description

Windows libarchive Remote Code Execution Vulnerability

PUBLISHED Reserved 2023-11-28 | Published 2024-01-09 | Updated 2025-06-05 | Assigner microsoft

Problem types

CWE-122: Heap-based Buffer Overflow

Product status

References

msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20697 (Windows Libarchive Remote Code Execution Vulnerability) vendor-advisory

www.zerodayinitiative.com/...te-code-execution-vulnerability

github.com/advisories/GHSA-w6xv-37jv-7cjr

www.openwall.com/lists/oss-security/2024/06/05/1

www.openwall.com/lists/oss-security/2024/06/04/2

msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20697 (Windows libarchive Remote Code Execution Vulnerability) vendor-advisory

cve.org (CVE-2024-20697)

nvd.nist.gov (CVE-2024-20697)

Download JSON