
Debian Unzip vulnerabilities

24 known vulnerabilities affecting debian/unzip.

Total CVEs: 24
CISA KEV: 0
Public exploits: 2
Exploited in wild: 0
Severity breakdown: CRITICAL 1, HIGH 4, MEDIUM 9, LOW 10

Vulnerabilities

Page 1 of 2
CVE-2022-0529 | MEDIUM | CVSS 5.5 | fixed in unzip 6.0-27 (bookworm) | 2022
CVE-2022-0529 [MEDIUM] unzip: A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string, which leads to a heap out-of-bounds write. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution.
Scope: local
bookworm: resolved (fixed in 6.0-27); bullseye: resolved (fixed in 6.0-26+deb11u1); forky: resolved
debian
CVE-2022-0530 | MEDIUM | CVSS 5.5 | fixed in unzip 6.0-27 (bookworm) | 2022
CVE-2022-0530 [MEDIUM] unzip: A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string, which leads to a heap out-of-bounds write. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution.
Scope: local
bookworm: resolved (fixed in 6.0-27); bullseye: resolved (fixed in 6.0-26+deb11u1); forky: resolved
debian
CVE-2021-4217 | LOW | CVSS 3.3 | 2021
CVE-2021-4217 [LOW] unzip: A flaw was found in unzip. The vulnerability occurs due to improper handling of Unicode strings, which can lead to a null pointer dereference. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution.
Scope: local
bookworm: open; bullseye: open; forky: open; sid: open; trixie: open
debian
CVE-2019-13232 | LOW | CVSS 3.3 | fixed in unzip 6.0-24 (bookworm) | 2019
CVE-2019-13232 [LOW] unzip: Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service (resource consumption), aka a "better zip bomb" issue.
Scope: local
bookworm: resolved (fixed in 6.0-24); bullseye: resolved (fixed in 6.0-24); forky: resolved (fixed in 6.0-24); sid: resolved (fixed in 6.0-24); trixie: resolved (fixed in 6.0-24)
debian
CVE-2018-1000035 | HIGH | CVSS 7.8 | fixed in unzip 6.0-22 (bookworm) | 2018
CVE-2018-1000035 [HIGH] unzip: A heap-based buffer overflow exists in Info-Zip UnZip version <= 6.00 in the processing of password-protected archives that allows an attacker to perform a denial of service or to possibly achieve code execution.
Scope: local
bookworm: resolved (fixed in 6.0-22); bullseye: resolved (fixed in 6.0-22); forky: resolved (fixed in 6.0-22); sid: resolved (fixed in 6.0-22)
debian
CVE-2018-18384 | MEDIUM | CVSS 5.5 | fixed in unzip 6.0-11 (bookworm) | 2018
CVE-2018-18384 [MEDIUM] unzip: Info-ZIP UnZip 6.0 has a buffer overflow in list.c, when a ZIP archive has a crafted relationship between the compressed-size value and the uncompressed-size value, because a buffer size is 10 and is supposed to be 12.
Scope: local
bookworm: resolved (fixed in 6.0-11); bullseye: resolved (fixed in 6.0-11); forky: resolved (fixed in 6.0-11); sid: resolved (fixed in 6.0-
debian
CVE-2018-1000033 | LOW | CVSS 9.1 | 2018
CVE-2018-1000033 [CRITICAL] unzip: An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service and read sensitive memory.
Scope: local
bookworm: resolved; bullseye: resolved; forky: resolved; sid: resolved; trixie: resolved
debian
CVE-2018-1000032 | LOW | CVSS 7.8 | 2018
CVE-2018-1000032 [HIGH] unzip: A heap-based buffer overflow exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service or to possibly achieve code execution.
Scope: local
bookworm: resolved; bullseye: resolved; forky: resolved; sid: resolved; trixie: resolved
debian
CVE-2018-1000031 | LOW | CVSS 7.8 | 2018
CVE-2018-1000031 [HIGH] unzip: A heap-based buffer overflow exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service or to possibly achieve code execution.
Scope: local
bookworm: resolved; bullseye: resolved; forky: resolved; sid: resolved; trixie: resolved
debian
CVE-2018-1000034 | LOW | CVSS 9.1 | 2018
CVE-2018-1000034 [CRITICAL] unzip: An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service and read sensitive memory.
Scope: local
bookworm: resolved; bullseye: resolved; forky: resolved; sid: resolved; trixie: resolved
debian
CVE-2016-9844 | MEDIUM | CVSS 4.0 | fixed in unzip 6.0-21 (bookworm) | 2016
CVE-2016-9844 [MEDIUM] unzip: Buffer overflow in the zi_short function in zipinfo.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service (crash) via a large compression method value in the central directory file header.
Scope: local
bookworm: resolved (fixed in 6.0-21); bullseye: resolved (fixed in 6.0-21); forky: resolved (fixed in 6.0-21); sid: resolved (fixed in 6.0-21); trixi
debian
CVE-2015-7697 | MEDIUM | CVSS 4.3 | fixed in unzip 6.0-19 (bookworm) | 2015
CVE-2015-7697 [MEDIUM] unzip: Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of service (infinite loop) via empty bzip2 data in a ZIP archive.
Scope: local
bookworm: resolved (fixed in 6.0-19); bullseye: resolved (fixed in 6.0-19); forky: resolved (fixed in 6.0-19); sid: resolved (fixed in 6.0-19); trixie: resolved (fixed in 6.0-19)
debian
CVE-2015-7696 | MEDIUM | CVSS 6.8 | fixed in unzip 6.0-19 (bookworm) | 2015
CVE-2015-7696 [MEDIUM] unzip: Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly execute arbitrary code via a crafted password-protected ZIP archive, possibly related to an Extra-Field size value.
Scope: local
bookworm: resolved (fixed in 6.0-19); bullseye: resolved (fixed in 6.0-19); forky: resolved (fixed in 6.0-1
debian
CVE-2015-1315 | LOW | CVSS 7.5 | 2015
CVE-2015-1315 [HIGH] unzip: Buffer overflow in the charset_to_intern function in unix/unix.c in Info-Zip UnZip 6.10b allows remote attackers to execute arbitrary code via a crafted string, as demonstrated by converting a string from CP866 to UTF-8.
Scope: local
bookworm: resolved; bullseye: resolved; forky: resolved; sid: resolved; trixie: resolved
debian
CVE-2014-8139 | HIGH | CVSS 7.8 | fixed in unzip 6.0-16 (bookworm) | 2014
CVE-2014-8139 [HIGH] unzip: Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.
Scope: local
bookworm: resolved (fixed in 6.0-16); bullseye: resolved (fixed in 6.0-16); forky: resolved (fixed in 6.0-16); sid: resolved (fixed in 6.0-16); trixie: re
debian
CVE-2014-8141 | HIGH | CVSS 7.8 | fixed in unzip 6.0-13 (bookworm) | 2014
CVE-2014-8141 [HIGH] unzip: Heap-based buffer overflow in the getZip64Data function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.
Scope: local
bookworm: resolved (fixed in 6.0-13); bullseye: resolved (fixed in 6.0-13); forky: resolved (fixed in 6.0-13); sid: resolved (fixed in 6.0-13); trixie:
debian
CVE-2014-8140 | HIGH | CVSS 7.8 | fixed in unzip 6.0-13 (bookworm) | 2014
CVE-2014-8140 [HIGH] unzip: Heap-based buffer overflow in the test_compr_eb function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.
Scope: local
bookworm: resolved (fixed in 6.0-13); bullseye: resolved (fixed in 6.0-13); forky: resolved (fixed in 6.0-13); sid: resolved (fixed in 6.0-13); trixie
debian
CVE-2014-9636 | MEDIUM | CVSS 5.0 | fixed in unzip 6.0-15 (bookworm) | 2014
CVE-2014-9636 [MEDIUM] unzip: unzip 6.0 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via an extra field with an uncompressed size smaller than the compressed field size in a zip archive that advertises STORED method compression.
Scope: local
bookworm: resolved (fixed in 6.0-15); bullseye: resolved (fixed in 6.0-15); forky: resolved (fixed in 6.0-15); si
debian
CVE-2014-9913 | MEDIUM | CVSS 4.0 | fixed in unzip 6.0-21 (bookworm) | 2014
CVE-2014-9913 [MEDIUM] unzip: Buffer overflow in the list_files function in list.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service (crash) via vectors related to the compression method.
Scope: local
bookworm: resolved (fixed in 6.0-21); bullseye: resolved (fixed in 6.0-21); forky: resolved (fixed in 6.0-21); sid: resolved (fixed in 6.0-21); trixie: resolved (fixed in 6.0-21)
debian
CVE-2008-0888 | CRITICAL | CVSS 9.3 | fixed in unzip 5.52-11 (bookworm) | 2008
CVE-2008-0888 [CRITICAL] unzip: The NEEDBITS macro in the inflate_dynamic function in inflate.c for unzip can be invoked using invalid buffers, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors that trigger a free of uninitialized or previously-freed data.
Scope: local
bookworm: resolved (fixed in 5.52-11); bullseye: resolved
debian