CVE-2019-13232

🗓️ 04 Jul 2019 12:03:06Reported by mitreType

cve🔗 web.nvd.nist.gov📰️ 4 Media mentions👁 345 Views

Info-ZIP UnZip 6.0 mishandles ZIP files, leading to denial of service

Reporter	Title	Published	Views	Family All 108
IBM Security Bulletins	Security Bulletin: IBM QRadar Network Security is affected by multiple vulnerabilities	9 Apr 202103:15	–	ibm
IBM Security Bulletins	Security Bulletin: Unzip as used by IBM QRadar SIEM is vulnerable to denial of service (CVE-2019-13232)	13 Oct 202016:56	–	ibm
IBM Security Bulletins	Security Bulletin: IBM MQ Appliance is affected by a denial of service vulnerability (CVE-2019-13232)	23 Jul 202021:36	–	ibm
IBM Security Bulletins	Security Bulletin: IBM DataPower Gateway may allow a potential DoS when importing malicious ZIP files (CVE-2019-13232)	8 Jun 202122:33	–	ibm
Tenable Nessus	Amazon Linux 2023 : unzip (ALAS2023-2026-1422)	5 Feb 202600:00	–	nessus
Tenable Nessus	Amazon Linux 2 : unzip (ALAS-2020-1550)	27 Oct 202000:00	–	nessus
Tenable Nessus	Alibaba Cloud Linux 3 : 0051: unzip (ALINUX3-SA-2022:0051)	14 May 202500:00	–	nessus
Tenable Nessus	AlmaLinux 8 : unzip (ALSA-2020:1787)	9 Feb 202200:00	–	nessus
Tenable Nessus	CentOS 8 : unzip (CESA-2020:1787)	1 Feb 202100:00	–	nessus
Tenable Nessus	CentOS 7 : unzip (CESA-2020:1181)	10 Apr 202000:00	–	nessus

NVD

Node

Node

Source	Link
lists	www.lists.debian.org/debian-lts-announce/2019/07/msg00005.html
support	www.support.f5.com/csp/article/K80311892
lists	www.lists.debian.org/debian-lts-announce/2019/07/msg00027.html
security	www.security.netapp.com/advisory/ntap-20190814-0002/
github	www.github.com/madler/unzip
bamsoftware	www.bamsoftware.com/hacks/zipbomb/
security	www.security.gentoo.org/glsa/202003-58

21 Nov 2024 04:24Current

3.8Low risk

Vulners AI Score3.8

CVSS 22.1

CVSS 3.13.3

EPSS0.00047