3 matches found
Heap-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow via the zzipparserootdirectory function. An attacker can disrupt service and potentially execute arbitrary code by sending specially crafted inputs. Remediation A fix was pushed into the master branch but not...
SUSE CVE-2018-7726
An issue was discovered in ZZIPlib 0.13.68. There is a bus error caused by the zzipparserootdirectory function of zip.c. Attackers could leverage this vulnerability to cause a denial of service via a crafted zip file...
AZL-7013 CVE-2018-16548 affecting package zziplib for versions less than 0.13.69-8
An issue was discovered in ZZIPlib through 0.13.69. There is a memory leak triggered in the function zzipparserootdirectory in zip.c, which will lead to a denial of service attack...