libzip

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description A C library for reading, creating, and modifying zip archives
Version 1.5.1-1 [extra]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-390 1.2.0-1 1.3.0-1 High Fixed
Issue Group Severity Remote Type Description
CVE-2017-12858 AVG-390 High Yes Arbitrary code execution
Double free vulnerability in the _zip_dirent_read function in zip_dirent.c in libzip allows attackers to execute arbitrary code via a crafted zip file.

Advisories

Date Advisory Group Severity Description
07 Nov 2017 ASA-201711-13 AVG-390 High arbitrary code execution