Lhasa · Lhasa · CVE-2016-2347
**Name of the Vulnerable Software and Affected Versions**
Lhasa versions prior to 0.3.1
**Description**
The issue is related to an integer underflow in the decode level3 header function, which can be exploited by remote attackers to execute arbitrary code via a crafted archive.
**Recommendations**
For versions prior to 0.3.1, update to version 0.3.1 or later to resolve the issue.