{"vulnerability": "CVE-2025-25724", "sightings": [{"uuid": "2124ce4c-73dd-41c8-8f2f-9d1761ef6e33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25724", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3ln4gbfhjbx2q", "content": "", "creation_timestamp": "2025-04-18T20:06:45.589954Z"}, {"uuid": "3daf8bd4-93ff-488a-a73a-97509f76865a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25724", "type": "seen", "source": "MISP/1e8d1b5a-3537-4a30-907d-acb1720bbd18", "content": "", "creation_timestamp": "2025-08-19T18:29:29.000000Z"}, {"uuid": "6915b829-aea7-4f04-956a-b5bcc2e68766", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25724", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6087", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-25724\n\ud83d\udd25 CVSS Score: 4 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L)\n\ud83d\udd39 Description: list_item_verbose in tar/util.c in libarchive through 3.7.7 does not check an strftime return value, which can lead to a denial of service or unspecified other impact via a crafted TAR archive that is read with a verbose value of 2. For example, the 100-byte buffer may not be sufficient for a custom locale.\n\ud83d\udccf Published: 2025-03-02T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-02T01:22:26.132Z\n\ud83d\udd17 References:\n1. https://github.com/Ekkosun/pocs/blob/main/bsdtarbug\n2. https://github.com/libarchive/libarchive/blob/b439d586f53911c84be5e380445a8a259e19114c/tar/util.c#L751-L752\n3. https://gist.github.com/Ekkosun/a83870ce7f3b7813b9b462a395e8ad92", "creation_timestamp": "2025-03-02T02:29:04.000000Z"}, {"uuid": "56d11f25-8a91-4d1c-9987-ac23f535556d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25724", "type": "seen", "source": "https://gist.github.com/Ekkosun/a83870ce7f3b7813b9b462a395e8ad92", "content": "", "creation_timestamp": "2025-02-28T02:45:47.000000Z"}, {"uuid": "c07600b2-119e-4a2e-abfa-720b7bb49137", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25724", "type": "seen", "source": "https://gist.github.com/EbonJaeger/99dd58f015b229c6f25edb5dae784966", "content": "", "creation_timestamp": "2025-10-17T17:52:23.000000Z"}, {"uuid": "6504168c-9db3-4851-a6c3-16d0f5c561b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25724", "type": "seen", "source": "https://t.me/cvedetector/19246", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25724 - Apache Libarchive strftime Denial of Service\", \n  \"Content\": \"CVE ID : CVE-2025-25724 \nPublished : March 2, 2025, 2:15 a.m. | 46\u00a0minutes ago \nDescription : list_item_verbose in tar/util.c in libarchive through 3.7.7 does not check an strftime return value, which can lead to a denial of service or unspecified other impact via a crafted TAR archive that is read with a verbose value of 2. For example, the 100-byte buffer may not be sufficient for a custom locale. \nSeverity: 4.0 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-02T04:23:52.000000Z"}]}