Astra Linux - уязвимость в zziplib

The infinite loop in zziplib v0.13.69 allows remote attackers to cause a denial of service by using the return value “zzipfileread” in the function “unzzipcatfile”...

Linux Distros Unpatched Vulnerability : CVE-2020-18770

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in function zzipdiskentrytofileheader in mmapped.c in zziplib 0.13.69, which will lead to a denial-of-service. CVE-2020-18770 Note that...

An issue was discovered in function zzip_disk_entry_to_file_header in mmapped.c in zziplib 0.13.69, which will lead to a denial-of-service.

...

OESA-2021-1247 zziplib security update

The zziplib is a lightweight library to easily extract data from zip files. Applications can bundle files into a single zip archive and access them. The implementation is based only on the free subset of compression with the zlib algorithm which is actually used by the zip/unzip tools. Security...

zziplib 安全漏洞

ZZIPlib is a compressed document extraction library. A security vulnerability exists in zziplib, which is caused by an infinite loop in zziplib v0.13.69. The vulnerability can be exploited to cause a denial of service via the return value "zzip file read" in the function "unzzip cat file"...

Directory Traversal

Amendment This was deemed not a vulnerability. Overview Affected versions of this package are vulnerable to Directory Traversal. Directory traversal vulnerability in ZZIPlib 0.13.69 allows attackers to overwrite arbitrary files via a .. dot dot in a zip file, because of the function unzzipcat in...

AZL-7457 CVE-2018-16548 affecting package zziplib for versions less than 0.13.69-8

An issue was discovered in ZZIPlib through 0.13.69. There is a memory leak triggered in the function zzipparserootdirectory in zip.c, which will lead to a denial of service attack...