3 matches found
GHSA-MJQP-26HC-GRXG Picklescan: ZIP archive scan bypass is possible through non-exhaustive Cyclic Redundancy Check
Summary: Picklescan's ability to scan ZIP archives for malicious pickle files is compromised when the archive contains a file with a bad Cyclic Redundancy Check (CRC). Instead of attempting to scan the files within the archive, whatever the CRC is, Picklescan fails in error and returns no results...
unzip bug fix update
An update is available for unzip. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The unzip utility is used to list, test, and extract files from zip archives. B...
Security Bulletin: Multiple vulnerabilities in unzip affect IBM Flex System Manager (FSM)
Summary: Multiple vulnerabilities have been identified in unzip that is embedded in the FSM. This bulletin addresses these vulnerabilities. Vulnerability Details: CVEID: CVE-2016-9844. DESCRIPTION: Info-Zip UnZip is vulnerable to a denial of service, caused by buffer overflow in zi_short function in...