libzip
Link | package | bugs open | bugs closed | Wiki | GitHub | web search |
Description | C library for reading, creating, and modifying zip archives |
Version | 1.11.1-1 [extra] |
Resolved
Group | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|
AVG-390 | 1.2.0-1 | 1.3.0-1 | High | Fixed |
Issue | Group | Severity | Remote | Type | Description |
---|---|---|---|---|---|
CVE-2017-12858 | AVG-390 | High | Yes | Arbitrary code execution | Double free vulnerability in the _zip_dirent_read function in zip_dirent.c in libzip allows attackers to execute arbitrary code via a crafted zip file. |
Advisories
Date | Advisory | Group | Severity | Type |
---|---|---|---|---|
07 Nov 2017 | ASA-201711-13 | AVG-390 | High | arbitrary code execution |