Lucene search
K

19 matches found

OSV
OSV
added 2025/05/07 7:13 p.m.5 views

RLSA-2024:2377 Moderate: zziplib security update

The zziplib is a lightweight library to easily extract data from zip files. Security Fixes: zziplib: invalid memory access at zzipdiskentrytofileheader in mmapped.c CVE-2020-18770 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

5.5CVSS5.7AI score0.00317EPSS
Exploits1References2
Rockylinux
Rockylinux
added 2025/05/07 7:13 p.m.6 views

zziplib security update

An update is available for zziplib. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The zziplib is a lightweight library to easily extract data from zip files...

5.5CVSS5.5AI score0.00317EPSS
Exploits1
OSV
OSV
added 2024/05/09 2:40 a.m.5 views

MGASA-2024-0167 Updated zziplib packages fix security vulnerability

An issue was discovered in function zzipdiskentrytofileheader in mmapped.c in zziplib 0.13.69, which will lead to a denial-of-service. CVE-2020-18770...

5.5CVSS6.5AI score0.00317EPSS
Exploits1References3
OSV
OSV
added 2024/03/22 8:10 a.m.3 views

SUSE-SU-2024:0970-1 Security update for zziplib

This update for zziplib fixes the following issues: Security issue fixed: - CVE-2020-18442: Fixed infinite loop in zzipfileread as used in unzzipcatfile bsc1187526. - CVE-2020-18770: Fixed denial-of-service in function zzipdiskentrytofileheader in mmapped.c bsc1214577. Non-security issue fixed: -...

5.5CVSS5.5AI score0.00745EPSS
Exploits2References6
OSV
OSV
added 2024/03/21 9:41 a.m.5 views

SUSE-SU-2024:0961-1 Security update for zziplib

This update for zziplib fixes the following issues: - CVE-2020-18770: Fixed denial-of-service in function zzipdiskentrytofileheader in mmapped.c bsc1214577...

5.5CVSS5.5AI score0.00317EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2023/03/21 12:0 a.m.21 views

Amazon Linux 2023 : zziplib, zziplib-devel, zziplib-utils (ALAS2023-2023-006)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-006 advisory. Infinite Loop in zziplib v0.13.69 allows remote attackers to cause a denial of service via the return value zzipfileread in the function unzzipcatfile. CVE-2020-18442 Tenable has extracted the preceding...

3.3CVSS5.8AI score0.00745EPSS
Exploits1References4
OSV
OSV
added 2021/12/28 12:0 a.m.27 views

DLA-2859-1 zziplib - security update

Bulletin has no description...

3.3CVSS3.9AI score0.00745EPSS
Exploits1
AlmaLinux
AlmaLinux
added 2021/11/09 8:59 a.m.26 views

Low: zziplib security update

The zziplib is a lightweight library to easily extract data from zip files. Security Fixes: zziplib: infinite loop via the return value of zzipfileread as used in unzzipcatfile CVE-2020-18442 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and othe...

3.3CVSS4.6AI score0.00745EPSS
Exploits1References2
OSV
OSV
added 2021/07/20 10:46 a.m.7 views

MGASA-2021-0359 Updated zziplib packages fix security vulnerability

Infinite Loop in zziplib v0.13.69 allows remote attackers to cause a denial of service via the return value "zzipfileread" in the function "unzzipcatfile" CVE-2020-18442...

3.3CVSS3.9AI score0.00745EPSS
Exploits1References3
OSV
OSV
added 2021/06/25 4:4 p.m.8 views

SUSE-SU-2021:2164-1 Security update for zziplib

This update for zziplib fixes the following issues: - CVE-2020-18442: Fixed infinite loop in zzipfileread as used in unzzipcatfile bsc1187526...

3.3CVSS4AI score0.00745EPSS
Exploits1References3
OSV
OSV
added 2018/10/24 9:0 a.m.1 views

SUSE-SU-2018:3379-1 Security update for zziplib

This update for zziplib fixes the following issues: - CVE-2018-17828: Remove any '../' components from pathnames of extracted files to avoid path traversal during unpacking. bsc1110687...

5.8CVSS5.5AI score0.01538EPSS
Exploits1References3
OSV
OSV
added 2018/10/18 12:29 p.m.2 views

SUSE-SU-2018:3220-1 Security update for zziplib

This update for zziplib fixes the following issues: - CVE-2018-17828: Remove any '../' components from pathnames of extracted files to avoid path traversal during unpacking. bsc1110687...

5.8CVSS5.5AI score0.01538EPSS
Exploits1References3
OPENSUSE Linux
OPENSUSE Linux
added 2018/06/07 12:7 p.m.29 views

Security update for zziplib (moderate)

This update for zziplib fixes the following issues: Security issue fixed: - CVE-2018-6542: Reject file if the size of the central directory is too big and display an error message bsc1079094. This update was imported from the SUSE:SLE-12:Update update project...

4.3CVSS1.1AI score0.01244EPSS
Exploits1References1
OSV
OSV
added 2018/06/05 1:41 p.m.10 views

SUSE-SU-2018:1507-1 Security update for zziplib

This update for zziplib fixes the following issues: Security issue fixed: - CVE-2018-6542: Reject file if the size of the central directory is too big and display an error message bsc1079094...

6.5CVSS6AI score0.01244EPSS
Exploits1References3
OSV
OSV
added 2018/04/11 6:43 a.m.6 views

SUSE-SU-2018:0919-1 Security update for zziplib

This update for zziplib fixes the following issues: Security issues fixed: - CVE-2018-7726: There is a bus error caused by thezzipparserootdirectory function of zip.c. Attackers could leverage thisvulnerability to cause a denial of service bsc1084517. - CVE-2018-7725: An invalid memory address...

6.5CVSS5.7AI score0.0175EPSS
Exploits2References5
OSV
OSV
added 2018/02/27 9:45 a.m.13 views

SUSE-SU-2018:0548-1 Security update for zziplib

This update for zziplib fixes the following issues: Version update to 0.13.67 contains lots of bug- and security fixes. - If an extension block is too small to hold an extension, do not use the information therein. - CVE-2018-6540: If the End of central directory record EOCD contains an Offset of...

6.5CVSS5.8AI score0.02305EPSS
Exploits3References10
OSV
OSV
added 2018/02/20 12:0 a.m.17 views

DLA-1287-1 zziplib - security update

Bulletin has no description...

6.5CVSS5.8AI score0.02854EPSS
Exploits1
OSV
OSV
added 2017/06/09 11:5 p.m.8 views

MGASA-2017-0163 Updated zziplib packages fix security vulnerability

Heap-based buffer overflow in zzipget32 in fetch.c CVE-2017-5974. Heap-based buffer overflow in zzipget64 in fetch.c CVE-2017-5975. Heap-based buffer overflow in zzipmementryextrablock in memdisk.c CVE-2017-5976. Invalid memory read in zzipmementryextrablock in memdisk.c CVE-2017-5977. Out of...

5.5CVSS5.7AI score0.02078EPSS
Exploits8References3
OSV
OSV
added 2017/04/24 8:30 a.m.4 views

SUSE-SU-2017:1095-1 Security update for zziplib

This update for zziplib fixes the following issues: Secuirty issues fixed: - CVE-2017-5974: heap-based buffer overflow in zzipget32 fetch.c bsc1024517 - CVE-2017-5975: heap-based buffer overflow in zzipget64 fetch.c bsc1024528 - CVE-2017-5976: heap-based buffer overflow in zzipmementryextrablock...

5.5CVSS5.8AI score0.02078EPSS
Exploits8References19
Rows per page
Query Builder