unzip

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description For extracting and viewing files in .zip archives
Version 6.0-20 [extra]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-611 6.0-14 6.0-15 Medium Fixed
Issue Group Severity Remote Type Description
CVE-2019-13232 AVG-611 Low Yes Denial of service
Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service (resource consumption), aka a "better zip bomb" issue.
CVE-2018-1000035 AVG-611 Low No Arbitrary code execution
A heap-based buffer overflow exists in Info-Zip UnZip version <= 6.00 in the processing of password-protected archives that allows an attacker to perform a...
CVE-2018-18384 AVG-611 Medium Yes Arbitrary code execution
Info-ZIP UnZip 6.0 has a buffer overflow in list.c, when a ZIP archive has a crafted relationship between the compressed-size value and the...
CVE-2016-9844 AVG-611 Low Yes Denial of service
A buffer overflow in the zi_short function in zipinfo.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service (crash) via a large...
CVE-2014-9913 AVG-611 Low Yes Denial of service
A buffer overflow in the list_files function in list.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service (crash) via vectors...