VYPR

rpm package

suse/unzip&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP5

pkg:rpm/suse/unzip&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5

Vulnerabilities (3)

  • CVE-2022-0529Feb 9, 2022
    affected < 6.00-33.16.1fixed 6.00-33.16.1

    A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution.

  • CVE-2022-0530Feb 9, 2022
    affected < 6.00-33.16.1fixed 6.00-33.16.1

    A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution.

  • CVE-2018-18384Oct 16, 2018
    affected < 6.00-33.13.3fixed 6.00-33.13.3

    Info-ZIP UnZip 6.0 has a buffer overflow in list.c, when a ZIP archive has a crafted relationship between the compressed-size value and the uncompressed-size value, because a buffer size is 10 and is supposed to be 12.