CVE-2019-13232

🗓️ 04 Jul 2019 12:03:06Reported by Debian Security Bug TrackerType

Info-ZIP UnZip 6.0 vulnerability in handling overlapping files inside ZIP container leading to denial of servic

Reporter	Title	Published	Views	Family All 109
IBM Security Bulletins	Security Bulletin: IBM QRadar Network Security is affected by multiple vulnerabilities	9 Apr 202103:15	–	ibm
IBM Security Bulletins	Security Bulletin: Unzip as used by IBM QRadar SIEM is vulnerable to denial of service (CVE-2019-13232)	13 Oct 202016:56	–	ibm
IBM Security Bulletins	Security Bulletin: IBM MQ Appliance is affected by a denial of service vulnerability (CVE-2019-13232)	23 Jul 202021:36	–	ibm
IBM Security Bulletins	Security Bulletin: IBM DataPower Gateway may allow a potential DoS when importing malicious ZIP files (CVE-2019-13232)	8 Jun 202122:33	–	ibm
Tenable Nessus	Amazon Linux 2023 : unzip (ALAS2023-2026-1422)	5 Feb 202600:00	–	nessus
Tenable Nessus	Amazon Linux 2 : unzip (ALAS-2020-1550)	27 Oct 202000:00	–	nessus
Tenable Nessus	Alibaba Cloud Linux 3 : 0051: unzip (ALINUX3-SA-2022:0051)	14 May 202500:00	–	nessus
Tenable Nessus	AlmaLinux 8 : unzip (ALSA-2020:1787)	9 Feb 202200:00	–	nessus
Tenable Nessus	CentOS 8 : unzip (CESA-2020:1787)	1 Feb 202100:00	–	nessus
Tenable Nessus	CentOS 7 : unzip (CESA-2020:1181)	10 Apr 202000:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
Debian	11	any	unzip	6.0-24	unzip_6.0-24_any.deb
Debian	12	any	unzip	6.0-24	unzip_6.0-24_any.deb
Debian	13	any	unzip	6.0-24	unzip_6.0-24_any.deb
Debian	14	any	unzip	6.0-24	unzip_6.0-24_any.deb
Debian	999	any	unzip	6.0-24	unzip_6.0-24_any.deb

04 Jul 2019 12:03Current

5.7Medium risk

Vulners AI Score5.7

CVSS 22.1

CVSS 3.13.3

EPSS0.00495