Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Mon, 13 Jul 2026 05:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
Sat, 11 Jul 2026 11:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-122 CWE-787 |
Fri, 10 Jul 2026 12:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Fri, 10 Jul 2026 12:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| References |
| |
| Metrics |
threat_severity
|
threat_severity
|
Fri, 10 Jul 2026 10:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A flaw was found in libarchive. This vulnerability allows a remote attacker to trigger a heap overflow by providing a specially crafted tar archive. The issue occurs during the parsing of a PAX extended header containing a malformed SUN.holesdata sparse-file attribute. Successful exploitation could lead to a denial of service, making the system unavailable, or potentially allow for arbitrary code execution, giving the attacker control over the affected system. | |
| Title | Libarchive: heap overflow oob read while parsing a tar archive contains a pax extended header | |
| First Time appeared |
Redhat
Redhat enterprise Linux Redhat hummingbird Redhat openshift |
|
| CPEs | cpe:/a:redhat:hummingbird:1 cpe:/a:redhat:openshift:4 cpe:/o:redhat:enterprise_linux:10 cpe:/o:redhat:enterprise_linux:6 cpe:/o:redhat:enterprise_linux:7 cpe:/o:redhat:enterprise_linux:8 cpe:/o:redhat:enterprise_linux:9 |
|
| Vendors & Products |
Redhat
Redhat enterprise Linux Redhat hummingbird Redhat openshift |
|
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2026-07-13T13:35:40.197Z
Reserved: 2026-07-08T07:04:37.243Z
Link: CVE-2026-15028
Updated: 2026-07-10T12:10:38.879Z
No data.
OpenCVE Enrichment
Updated: 2026-07-12T05:15:16Z