7 matches found
Arbitrary Code Execution
libzip is vulnerable to arbitrary code execution. A double-free in the `_zip_dirent_read` function in `zip_dirent.c` potentially allows an attacker to execute arbitrary code on the host OS...
Denial Of Service (DoS)
libzip.so is vulnerable to denial of service. A use-after-free exists in the function `_zip_dirent_read` of `zip_dirent.c` when an attacker unzips a malformed ZIP archive, resulting in an application crash and potentially allowing for arbitrary code execution...
CVE-2019-17582
CVE-2019-17582 affects libzip 1.2.0, caused by a use-after-free in _zip_dirent_read within zip_dirent.c. The impact is described as unspecified in the CVE entry. Public sources in connected documents indicate upstream fixes and a later version (1.3.0) addressing related issues (e.g., CVE-2017-128...
CVE-2017-14107
The `_zip_read_eocd64` function in `zip_open.c` in libzip before 1.3.0 mishandles EOCD records, which allows remote attackers to cause a denial of service (memory allocation failure in `_zip_cdir_grow` in `zip_dirent.c`) via a crafted ZIP archive...
CVE-2017-12858
Double free vulnerability in the `_zip_dirent_read` function in `zip_dirent.c` in libzip allows attackers to have unspecified impact via unknown vectors...
Integer overflow
Integer overflow in the `_zip_cdir_new` function in `zip_dirent.c` in libzip 0.11.2 and earlier, as used in the ZIP extension in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute...
CVE-2015-2331
Integer overflow in the `_zip_cdir_new` function in `zip_dirent.c` in libzip 0.11.2 and earlier, as used in the ZIP extension in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute...