CVE-2024-37407: libarchive: Out of bounds access in slurp_central_directory at archive_read_support_format_zip.c

Severity: Critical

CVSS Score: 9.1

Libarchive before 3.7.4 allows name out-of-bounds access when a ZIP archive has an empty-name file and mac-ext is enabled. This occurs in slurp_central_directory in archive_read_support_format_zip.c.