Unzip Project Unzip vulnerabilities
21 known vulnerabilities affecting unzip_project/unzip.
Total CVEs
21
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH5MEDIUM9LOW5
Vulnerabilities
Page 1 of 2
CVE-2003-0282P4LOWCVSS 2.6PoC≥ 0, < 5.50-32003-06-16
CVE-2003-0282 [LOW] CVE-2003-0282: Directory traversal vulnerability in UnZip 5
Directory traversal vulnerability in UnZip 5.50 allows attackers to overwrite arbitrary files via invalid characters between two . (dot) characters, which are filtered and result in a ".." sequence.
osv
CVE-2018-1000035P3HIGHCVSS 7.8≤ 6.002018-02-09
CVE-2018-1000035 [HIGH] CWE-787 CVE-2018-1000035: A heap-based buffer overflow exists in Info-Zip UnZip version <= 6.00 in the processing of password-
A heap-based buffer overflow exists in Info-Zip UnZip version <= 6.00 in the processing of password-protected archives that allows an attacker to perform a denial of service or to possibly achieve code execution.
nvdosv
CVE-2020-36561P3CRITICALCVSS 9.1fixed in 1.0.3-0.20200308084313-2adbaa4891b92022-12-27
CVE-2020-36561 [CRITICAL] CWE-22 CVE-2020-36561: Due to improper path sanitization, archives containing relative file paths can cause files to be wri
Due to improper path sanitization, archives containing relative file paths can cause files to be written (or overwritten) outside of the target directory.
nvd
CVE-2014-8140P3HIGHCVSS 7.8≤ 6.02020-01-31
CVE-2014-8140 [HIGH] CWE-787 CVE-2014-8140: Heap-based buffer overflow in the test_compr_eb function in Info-ZIP UnZip 6.0 and earlier allows re
Heap-based buffer overflow in the test_compr_eb function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.
nvdosv
CVE-2014-8141P3HIGHCVSS 7.8≤ 6.02020-01-31
CVE-2014-8141 [HIGH] CWE-787 CVE-2014-8141: Heap-based buffer overflow in the getZip64Data function in Info-ZIP UnZip 6.0 and earlier allows rem
Heap-based buffer overflow in the getZip64Data function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.
nvdosv
CVE-2014-8139P3HIGHCVSS 7.8≤ 6.02020-01-31
CVE-2014-8139 [HIGH] CWE-787 CVE-2014-8139: Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and earlier allows remote
Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.
nvdosv
CVE-2015-1315P3HIGHCVSS 7.5≥ 0, < 6.0-9ubuntu1.32015-02-17
CVE-2015-1315 [HIGH] CVE-2015-1315: Buffer overflow in the charset_to_intern function in unix/unix
Buffer overflow in the charset_to_intern function in unix/unix.c in Info-Zip UnZip 6.10b allows remote attackers to execute arbitrary code via a crafted string, as demonstrated by converting a string from CP866 to UTF-8.
osv
CVE-2008-0888P3CRITICALCVSS 9.3fixed in 6.02008-03-17
CVE-2008-0888 [CRITICAL] CWE-119 CVE-2008-0888: The NEEDBITS macro in the inflate_dynamic function in inflate.c for unzip can be invoked using inval
The NEEDBITS macro in the inflate_dynamic function in inflate.c for unzip can be invoked using invalid buffers, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors that trigger a free of uninitialized or previously-freed data.
nvdosv
CVE-2005-4667P4LOWCVSS 3.7PoC≥ 0, < 5.52-72005-12-31
CVE-2005-4667 [LOW] CVE-2005-4667: Buffer overflow in UnZip 5
Buffer overflow in UnZip 5.50 and earlier allows user-assisted attackers to execute arbitrary code via a long filename command line argument. NOTE: since the overflow occurs in a non-setuid program, there are not many scenarios under which it poses a vulnerability, unless unzip is passed long arguments when it is invoked from other programs.
osv
CVE-2015-7696P3MEDIUMCVSS 6.8v6.02015-11-06
CVE-2015-7696 [MEDIUM] CWE-119 CVE-2015-7696: Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of service (heap-based buffer over-read
Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly execute arbitrary code via a crafted password-protected ZIP archive, possibly related to an Extra-Field size value.
nvdosv
CVE-2014-9636P4MEDIUMCVSS 5.0v6.02015-02-06
CVE-2014-9636 [MEDIUM] CWE-119 CVE-2014-9636: unzip 6.0 allows remote attackers to cause a denial of service (out-of-bounds read or write and cras
unzip 6.0 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via an extra field with an uncompressed size smaller than the compressed field size in a zip archive that advertises STORED method compression.
nvdosv
CVE-2022-0529P4MEDIUMCVSS 5.5v6.02022-02-09
CVE-2022-0529 [MEDIUM] CWE-787 CVE-2022-0529: A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a loca
A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution.
nvdosv
CVE-2022-0530P4MEDIUMCVSS 5.5v6.02022-02-09
CVE-2022-0530 [MEDIUM] CVE-2022-0530: A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a loca
A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution.
nvdosv
CVE-2015-7697P4MEDIUMCVSS 4.3v6.02015-11-06
CVE-2015-7697 [MEDIUM] CWE-399 CVE-2015-7697: Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of service (infinite loop) via empty bz
Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of service (infinite loop) via empty bzip2 data in a ZIP archive.
nvdosv
CVE-2018-18384P4MEDIUMCVSS 5.5v6.02018-10-16
CVE-2018-18384 [MEDIUM] CWE-119 CVE-2018-18384: Info-ZIP UnZip 6.0 has a buffer overflow in list.c, when a ZIP archive has a crafted relationship be
Info-ZIP UnZip 6.0 has a buffer overflow in list.c, when a ZIP archive has a crafted relationship between the compressed-size value and the uncompressed-size value, because a buffer size is 10 and is supposed to be 12.
nvdosv
CVE-2005-0602P4MEDIUMCVSS 6.2≥ 0, < 5.52-12005-05-02
CVE-2005-0602 [MEDIUM] CVE-2005-0602: Unzip 5
Unzip 5.51 and earlier does not properly warn the user when extracting setuid or setgid files, which may allow local users to gain privileges.
osv
CVE-2016-9844P4MEDIUMCVSS 4.0v6.02017-01-18
CVE-2016-9844 [MEDIUM] CWE-119 CVE-2016-9844: Buffer overflow in the zi_short function in zipinfo.c in Info-Zip UnZip 6.0 allows remote attackers
Buffer overflow in the zi_short function in zipinfo.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service (crash) via a large compression method value in the central directory file header.
nvdosv
CVE-2014-9913P4MEDIUMCVSS 4.0v6.02017-01-18
CVE-2014-9913 [MEDIUM] CWE-119 CVE-2014-9913: Buffer overflow in the list_files function in list.c in Info-Zip UnZip 6.0 allows remote attackers t
Buffer overflow in the list_files function in list.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service (crash) via vectors related to the compression method.
nvdosv
CVE-2021-4217P4LOWCVSS 3.3v6.0vunzip 6.02022-08-24
CVE-2021-4217 [LOW] CWE-476 CVE-2021-4217: A flaw was found in unzip. The vulnerability occurs due to improper handling of Unicode strings, whi
A flaw was found in unzip. The vulnerability occurs due to improper handling of Unicode strings, which can lead to a null pointer dereference. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution.
nvdosv
CVE-2005-2475P4LOWCVSS 1.2≥ 0, < 5.52-42005-08-05
CVE-2005-2475 [LOW] CVE-2005-2475: Race condition in Unzip 5
Race condition in Unzip 5.52 allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by Unzip after the decompression is complete.
osv
1 / 2Next →