VYPR

rpm package

almalinux/zziplib-utils

pkg:rpm/almalinux/zziplib-utils

Vulnerabilities (3)

  • CVE-2020-18770Aug 22, 2023
    affected < 0.13.71-11.el9_4fixed 0.13.71-11.el9_4

    An issue was discovered in function zzip_disk_entry_to_file_header in mmapped.c in zziplib 0.13.69, which will lead to a denial-of-service.

  • CVE-2020-18442Jun 18, 2021
    affected < 0.13.68-9.el8fixed 0.13.68-9.el8

    Infinite Loop in zziplib v0.13.69 allows remote attackers to cause a denial of service via the return value "zzip_file_read" in the function "unzzip_cat_file".

  • CVE-2018-17828MedOct 1, 2018
    affected < 0.13.78-2.el10fixed 0.13.78-2.el10

    Directory traversal vulnerability in ZZIPlib 0.13.69 allows attackers to overwrite arbitrary files via a .. (dot dot) in a zip file, because of the function unzzip_cat in the bins/unzzipcat-mem.c file.