CVE-2026-44604

A command injection vulnerability was discovered in the rpmuncompress utility of RPM. When extracting certain archive formats ZIP, 7z, GEM to a specified destination directory, the tool inserts the archive's top-level folder name into a shell command without properly sanitizing it. A specially...

Astra Linux - уязвимость в python3.11, python2.7, python3.7

The ‘zipfile’ module does not check the validity of the offset value specified in the ZIP64 End of Central Directory EOCD Locator record. Instead, the ZIP64 EOCD record is assumed to be the previous record in the ZIP archive. This behavior can be exploited to create ZIP archives that are processe...

WinRAR 安全漏洞

WinRAR is a file compressor developed by the WinRAR company. This product supports compression and decompression of files in formats such as RAR and ZIP. Version 5.61 of WinRAR contained a security vulnerability, which was caused by a denial-of-service attack. This vulnerability could allow local...

GO-2026-4352 OpenTofu has High CPU usage in "tofu init" with maliciously-crafted module packages in .zip format in github.com/opentofu/opentofu

OpenTofu has High CPU usage in "tofu init" with maliciously-crafted module packages in .zip format in github.com/opentofu/opentofu...

golang: archive/zip: Incorrect handling of certain ZIP files

A flaw was found in Golang. The ZIP implementation of the Go language archive/zip library behaves differently than the rest of the ZIP file format implementations. When handling ZIP files with a corrupted central directory record, the library skips over the invalid record and processes the next...

PT-2024-4147 · Unknown +1 · Libarchive +1

Name of the Vulnerable Software and Affected Versions: Libarchive versions prior to 3.7.4 Description: The issue is related to a buffer overflow vulnerability when a ZIP archive has an empty-name file and mac-ext is enabled. This occurs in the slurp central directory function in archive read...

Asymmetric Resource Consumption

python is vulnerable to Asymmetric Resource Consumption. This vulnerability is due to an issue in the zip format, allowing for the creation of zip-bombs with a high compression ratio...

K17503: PHP vulnerabilities CVE-2015-7803 and CVE-2015-7804

Security Advisory Description CVE-2015-7803 A NULL pointer dereference flaw was found in the way PHP's Phar extension parsed Phar archives. A specially crafted archive could cause PHP to crash. CVE-2015-7804 An uninitialized pointer use flaw was found in the pharmakedirstream function of PHP's Ph...

SUSE CVE-2014-9636

unzip 6.0 allows remote attackers to cause a denial of service out-of-bounds read or write and crash via an extra field with an uncompressed size smaller than the compressed field size in a zip archive that advertises STORED method compression...

SUSE CVE-2015-8927

The tradencdecryptupdate function in archivereadsupportformatzip.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service out-of-bounds heap read and crash via a crafted zip file, related to reading the password...

SUSE CVE-2019-11463

A memory leak in archivereadformatzipcleanup in archivereadsupportformatzip.c in libarchive 3.3.4-dev allows remote attackers to cause a denial of service via a crafted ZIP file because of a HAVELZMAH typo. NOTE: this only affects users who downloaded the development code from GitHub. Users of th...

libarchive: an out-of-bounds read via the component zipx_lzma_alone_init

An out-of-bounds read flaw was found in libarchive. This flaw allows an attacker who can supply a specially crafted zip file to libarchive to cause an out-of-bounds read in programs linked with libarchive, using the LZMA zip functionality. The consequences depend on the specific program linked wi...

GHSA-P3W3-4PPM-C3F6 Cross site scripting in FacturaScripts

FacturaScripts prior to version 2022.06 is vulnerable to stored cross-site scripting via upload plugin functionality in zip format...

GHSA-Q4RF-3FHX-88PF YAML deserialization can run untrusted code

Impact An authorized user can upload a zip-format plugin with a crafted plugin.yaml, or a crafted aclpolicy yaml file, or upload an untrusted project archive with a crafted aclpolicy yaml file, that can cause the server to run untrusted code on Rundeck Community or Enterprise Edition. An...

YAML deserialization can run untrusted code

Impact An authorized user can upload a zip-format plugin with a crafted plugin.yaml, or a crafted aclpolicy yaml file, or upload an untrusted project archive with a crafted aclpolicy yaml file, that can cause the server to run untrusted code on Rundeck Community or Enterprise Edition. An...

CVE-2021-39132

Rundeck is an open source automation service with a web console, command line tools and a WebAPI. Prior to version 3.3.14 and version 3.4.3, an authorized user can upload a zip-format plugin with a crafted plugin.yaml, or a crafted aclpolicy yaml file, or upload an untrusted project archive with ...

Authentication flaw

Rundeck is an open source automation service with a web console, command line tools and a WebAPI. Prior to version 3.3.14 and version 3.4.3, an authorized user can upload a zip-format plugin with a crafted plugin.yaml, or a crafted aclpolicy yaml file, or upload an untrusted project archive with ...

CVE-2021-39132 YAML deserialization can run untrusted code

Rundeck is an open source automation service with a web console, command line tools and a WebAPI. Prior to version 3.3.14 and version 3.4.3, an authorized user can upload a zip-format plugin with a crafted plugin.yaml, or a crafted aclpolicy yaml file, or upload an untrusted project archive with ...

libarchive: Out of bounds read in archive_read_support_format_7zip.c resulting in a denial of service

libarchive version commit bf9aec176c6748f0ee7a678c5f9f9555b9a757c1 onwards release v3.0.2 onwards contains a CWE-125: Out-of-bounds Read vulnerability in 7zip decompression, archivereadsupportformat7zip.c, headerbytes that can result in a crash denial of service. This attack appears to be...

Jenkins - Remote Code Execution Exploit

Exploit for java platform in category web applications Jenkins - Remote Code Execution Exploit In the exploitation, the target is always escalating the read primitive or write primitive to code execution! From the previous section, we can write malicious JAR file into remote Jenkins server by...