CVE-2019-13232 - log

CVE-2019-13232 edited at 03 Nov 2021 13:57:14
Severity
- Unknown
+ Low
Remote
- Unknown
+ Remote
Type
- Unknown
+ Denial of service
Description
+ Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service (resource consumption), aka a "better zip bomb" issue.
References
+ https://www.openwall.com/lists/oss-security/2019/08/06/3
+ https://www.bamsoftware.com/hacks/zipbomb/
+ https://src.fedoraproject.org/rpms/unzip/raw/rawhide/f/unzip-zipbomb-part1.patch
+ https://src.fedoraproject.org/rpms/unzip/raw/rawhide/f/unzip-zipbomb-part2.patch
+ https://src.fedoraproject.org/rpms/unzip/raw/rawhide/f/unzip-zipbomb-part3.patch
+ https://src.fedoraproject.org/rpms/unzip/raw/rawhide/f/unzip-zipbomb-part4.patch
+ https://src.fedoraproject.org/rpms/unzip/raw/rawhide/f/unzip-zipbomb-part5.patch
+ https://src.fedoraproject.org/rpms/unzip/raw/rawhide/f/unzip-zipbomb-part6.patch
CVE-2019-13232 created at 03 Nov 2021 13:55:35
Severity
+ Unknown
Remote
+ Unknown
Type
+ Unknown
Description
References
Notes