Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/unrar-nonfree@1:7.2.5-1?distro=trixie
Typedeb
Namespacedebian
Nameunrar-nonfree
Version1:7.2.5-1
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version1:7.2.5-2
Latest_non_vulnerable_version1:7.2.5-2
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-b8js-x7uu-wka5
vulnerability_id VCID-b8js-x7uu-wka5
summary Integer signedness error in the SET_VALUE function in rarvm.cpp in unrar 3.70 beta 3, as used in products including WinRAR and RAR for OS X, allows user-assisted remote attackers to cause a denial of service (crash) via a crafted RAR archive that causes a negative signed number to be cast to a large unsigned number.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-3726
reference_id
reference_type
scores
0
value 0.00992
scoring_system epss
scoring_elements 0.76934
published_at 2026-04-21T12:55:00Z
1
value 0.00992
scoring_system epss
scoring_elements 0.76895
published_at 2026-04-13T12:55:00Z
2
value 0.00992
scoring_system epss
scoring_elements 0.76937
published_at 2026-04-16T12:55:00Z
3
value 0.00992
scoring_system epss
scoring_elements 0.76942
published_at 2026-04-18T12:55:00Z
4
value 0.00992
scoring_system epss
scoring_elements 0.76851
published_at 2026-04-07T12:55:00Z
5
value 0.00992
scoring_system epss
scoring_elements 0.76883
published_at 2026-04-08T12:55:00Z
6
value 0.00992
scoring_system epss
scoring_elements 0.76893
published_at 2026-04-09T12:55:00Z
7
value 0.00992
scoring_system epss
scoring_elements 0.76921
published_at 2026-04-11T12:55:00Z
8
value 0.00992
scoring_system epss
scoring_elements 0.769
published_at 2026-04-12T12:55:00Z
9
value 0.0117
scoring_system epss
scoring_elements 0.78618
published_at 2026-04-02T12:55:00Z
10
value 0.0117
scoring_system epss
scoring_elements 0.78648
published_at 2026-04-04T12:55:00Z
11
value 0.0117
scoring_system epss
scoring_elements 0.78611
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-3726
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3726
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3726
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=437703
reference_id 437703
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=437703
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=437704
reference_id 437704
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=437704
fixed_packages
0
url pkg:deb/debian/unrar-nonfree@3.7.3-1.1?distro=trixie
purl pkg:deb/debian/unrar-nonfree@3.7.3-1.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@3.7.3-1.1%3Fdistro=trixie
1
url pkg:deb/debian/unrar-nonfree@1:6.0.3-1%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:6.0.3-1%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gkjf-x8s7-57dn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:6.0.3-1%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/unrar-nonfree@1:6.2.6-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:6.2.6-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gkjf-x8s7-57dn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:6.2.6-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/unrar-nonfree@1:7.1.8-1?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:7.1.8-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:7.1.8-1%3Fdistro=trixie
4
url pkg:deb/debian/unrar-nonfree@1:7.2.5-1?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:7.2.5-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:7.2.5-1%3Fdistro=trixie
5
url pkg:deb/debian/unrar-nonfree@1:7.2.5-2?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:7.2.5-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:7.2.5-2%3Fdistro=trixie
aliases CVE-2007-3726
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b8js-x7uu-wka5
1
url VCID-bv1j-kw6x-2be3
vulnerability_id VCID-bv1j-kw6x-2be3
summary 
Multiple vulnerabilities have been found in ClamAV, the worst of
    which may allow remote attackers to execute arbitrary code.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-6706
reference_id
reference_type
scores
0
value 0.02316
scoring_system epss
scoring_elements 0.84711
published_at 2026-04-01T12:55:00Z
1
value 0.02316
scoring_system epss
scoring_elements 0.8477
published_at 2026-04-08T12:55:00Z
2
value 0.02316
scoring_system epss
scoring_elements 0.84777
published_at 2026-04-09T12:55:00Z
3
value 0.02316
scoring_system epss
scoring_elements 0.84794
published_at 2026-04-11T12:55:00Z
4
value 0.02316
scoring_system epss
scoring_elements 0.8479
published_at 2026-04-12T12:55:00Z
5
value 0.02316
scoring_system epss
scoring_elements 0.84785
published_at 2026-04-13T12:55:00Z
6
value 0.02316
scoring_system epss
scoring_elements 0.84806
published_at 2026-04-16T12:55:00Z
7
value 0.02316
scoring_system epss
scoring_elements 0.84726
published_at 2026-04-02T12:55:00Z
8
value 0.02316
scoring_system epss
scoring_elements 0.84746
published_at 2026-04-04T12:55:00Z
9
value 0.02316
scoring_system epss
scoring_elements 0.84748
published_at 2026-04-07T12:55:00Z
10
value 0.02433
scoring_system epss
scoring_elements 0.85178
published_at 2026-04-21T12:55:00Z
11
value 0.02433
scoring_system epss
scoring_elements 0.8518
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-6706
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6706
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6706
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 9.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:C/I:C/A:C
1
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865461
reference_id 865461
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865461
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867223
reference_id 867223
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867223
5
reference_url https://security.archlinux.org/ASA-201803-14
reference_id ASA-201803-14
reference_type
scores
url https://security.archlinux.org/ASA-201803-14
6
reference_url https://security.archlinux.org/AVG-602
reference_id AVG-602
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-602
7
reference_url https://security.archlinux.org/AVG-604
reference_id AVG-604
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-604
8
reference_url https://security.gentoo.org/glsa/201708-05
reference_id GLSA-201708-05
reference_type
scores
url https://security.gentoo.org/glsa/201708-05
9
reference_url https://security.gentoo.org/glsa/201709-24
reference_id GLSA-201709-24
reference_type
scores
url https://security.gentoo.org/glsa/201709-24
10
reference_url https://security.gentoo.org/glsa/201710-21
reference_id GLSA-201710-21
reference_type
scores
url https://security.gentoo.org/glsa/201710-21
11
reference_url https://security.gentoo.org/glsa/201804-16
reference_id GLSA-201804-16
reference_type
scores
url https://security.gentoo.org/glsa/201804-16
fixed_packages
0
url pkg:deb/debian/unrar-nonfree@1:5.5.5-1?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:5.5.5-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:5.5.5-1%3Fdistro=trixie
1
url pkg:deb/debian/unrar-nonfree@1:6.0.3-1%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:6.0.3-1%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gkjf-x8s7-57dn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:6.0.3-1%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/unrar-nonfree@1:6.2.6-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:6.2.6-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gkjf-x8s7-57dn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:6.2.6-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/unrar-nonfree@1:7.1.8-1?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:7.1.8-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:7.1.8-1%3Fdistro=trixie
4
url pkg:deb/debian/unrar-nonfree@1:7.2.5-1?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:7.2.5-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:7.2.5-1%3Fdistro=trixie
5
url pkg:deb/debian/unrar-nonfree@1:7.2.5-2?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:7.2.5-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:7.2.5-2%3Fdistro=trixie
aliases CVE-2012-6706
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bv1j-kw6x-2be3
2
url VCID-f34r-6g94-kfbb
vulnerability_id VCID-f34r-6g94-kfbb
summary 
Multiple vulnerabilities have been found in RAR and UnRAR, the
    worst of which may allow attackers to execute arbitrary code.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-12940
reference_id
reference_type
scores
0
value 0.00448
scoring_system epss
scoring_elements 0.63577
published_at 2026-04-21T12:55:00Z
1
value 0.00448
scoring_system epss
scoring_elements 0.63593
published_at 2026-04-18T12:55:00Z
2
value 0.00448
scoring_system epss
scoring_elements 0.63462
published_at 2026-04-01T12:55:00Z
3
value 0.00448
scoring_system epss
scoring_elements 0.63521
published_at 2026-04-02T12:55:00Z
4
value 0.00448
scoring_system epss
scoring_elements 0.63549
published_at 2026-04-13T12:55:00Z
5
value 0.00448
scoring_system epss
scoring_elements 0.63513
published_at 2026-04-07T12:55:00Z
6
value 0.00448
scoring_system epss
scoring_elements 0.63565
published_at 2026-04-08T12:55:00Z
7
value 0.00448
scoring_system epss
scoring_elements 0.63582
published_at 2026-04-12T12:55:00Z
8
value 0.00448
scoring_system epss
scoring_elements 0.63597
published_at 2026-04-11T12:55:00Z
9
value 0.00448
scoring_system epss
scoring_elements 0.63585
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-12940
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12940
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12940
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
1
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://security.gentoo.org/glsa/201709-24
reference_id GLSA-201709-24
reference_type
scores
url https://security.gentoo.org/glsa/201709-24
fixed_packages
0
url pkg:deb/debian/unrar-nonfree@1:5.5.8-1?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:5.5.8-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:5.5.8-1%3Fdistro=trixie
1
url pkg:deb/debian/unrar-nonfree@1:6.0.3-1%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:6.0.3-1%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gkjf-x8s7-57dn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:6.0.3-1%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/unrar-nonfree@1:6.2.6-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:6.2.6-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gkjf-x8s7-57dn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:6.2.6-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/unrar-nonfree@1:7.1.8-1?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:7.1.8-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:7.1.8-1%3Fdistro=trixie
4
url pkg:deb/debian/unrar-nonfree@1:7.2.5-1?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:7.2.5-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:7.2.5-1%3Fdistro=trixie
5
url pkg:deb/debian/unrar-nonfree@1:7.2.5-2?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:7.2.5-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:7.2.5-2%3Fdistro=trixie
aliases CVE-2017-12940
risk_score 1.3
exploitability 0.5
weighted_severity 2.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f34r-6g94-kfbb
3
url VCID-fgxb-t1tg-kyay
vulnerability_id VCID-fgxb-t1tg-kyay
summary UnRAR 5.6.1.2 and 5.6.1.3 has a heap-based buffer overflow in Unpack::CopyString (called from Unpack::Unpack5 and CmdExtract::ExtractCurrentFile).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-20006
reference_id
reference_type
scores
0
value 0.0036
scoring_system epss
scoring_elements 0.58184
published_at 2026-04-21T12:55:00Z
1
value 0.0036
scoring_system epss
scoring_elements 0.58062
published_at 2026-04-01T12:55:00Z
2
value 0.0036
scoring_system epss
scoring_elements 0.58148
published_at 2026-04-02T12:55:00Z
3
value 0.0036
scoring_system epss
scoring_elements 0.58168
published_at 2026-04-04T12:55:00Z
4
value 0.0036
scoring_system epss
scoring_elements 0.58143
published_at 2026-04-07T12:55:00Z
5
value 0.0036
scoring_system epss
scoring_elements 0.58197
published_at 2026-04-08T12:55:00Z
6
value 0.0036
scoring_system epss
scoring_elements 0.58201
published_at 2026-04-09T12:55:00Z
7
value 0.0036
scoring_system epss
scoring_elements 0.58217
published_at 2026-04-11T12:55:00Z
8
value 0.0036
scoring_system epss
scoring_elements 0.58194
published_at 2026-04-12T12:55:00Z
9
value 0.0036
scoring_system epss
scoring_elements 0.58174
published_at 2026-04-13T12:55:00Z
10
value 0.0036
scoring_system epss
scoring_elements 0.58206
published_at 2026-04-16T12:55:00Z
11
value 0.0036
scoring_system epss
scoring_elements 0.58208
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-20006
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-20006
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-20006
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
fixed_packages
0
url pkg:deb/debian/unrar-nonfree@1:5.6.6-1?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:5.6.6-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:5.6.6-1%3Fdistro=trixie
1
url pkg:deb/debian/unrar-nonfree@1:6.0.3-1%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:6.0.3-1%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gkjf-x8s7-57dn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:6.0.3-1%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/unrar-nonfree@1:6.2.6-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:6.2.6-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gkjf-x8s7-57dn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:6.2.6-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/unrar-nonfree@1:7.1.8-1?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:7.1.8-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:7.1.8-1%3Fdistro=trixie
4
url pkg:deb/debian/unrar-nonfree@1:7.2.5-1?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:7.2.5-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:7.2.5-1%3Fdistro=trixie
5
url pkg:deb/debian/unrar-nonfree@1:7.2.5-2?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:7.2.5-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:7.2.5-2%3Fdistro=trixie
aliases CVE-2017-20006
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fgxb-t1tg-kyay
4
url VCID-gjr1-fc83-dfe6
vulnerability_id VCID-gjr1-fc83-dfe6
summary An arbitrary file overwrite vulnerability has been discovered in RAR and UnRAR, potentially resulting in arbitrary code execution.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-30333
reference_id
reference_type
scores
0
value 0.92811
scoring_system epss
scoring_elements 0.99764
published_at 2026-04-21T12:55:00Z
1
value 0.92811
scoring_system epss
scoring_elements 0.99762
published_at 2026-04-13T12:55:00Z
2
value 0.92811
scoring_system epss
scoring_elements 0.99763
published_at 2026-04-18T12:55:00Z
3
value 0.92844
scoring_system epss
scoring_elements 0.99765
published_at 2026-04-04T12:55:00Z
4
value 0.92844
scoring_system epss
scoring_elements 0.99764
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-30333
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30333
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30333
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010837
reference_id 1010837
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010837
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012228
reference_id 1012228
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012228
5
reference_url https://security.gentoo.org/glsa/202309-04
reference_id GLSA-202309-04
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-01-29T16:18:17Z/
url https://security.gentoo.org/glsa/202309-04
6
reference_url https://lists.debian.org/debian-lts-announce/2023/08/msg00022.html
reference_id msg00022.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-01-29T16:18:17Z/
url https://lists.debian.org/debian-lts-announce/2023/08/msg00022.html
7
reference_url https://www.rarlab.com/rar_add.htm
reference_id rar_add.htm
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-01-29T16:18:17Z/
url https://www.rarlab.com/rar_add.htm
8
reference_url https://www.rarlab.com/rar/rarlinux-x32-612.tar.gz
reference_id rarlinux-x32-612.tar.gz
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-01-29T16:18:17Z/
url https://www.rarlab.com/rar/rarlinux-x32-612.tar.gz
9
reference_url https://usn.ubuntu.com/6569-1/
reference_id USN-6569-1
reference_type
scores
url https://usn.ubuntu.com/6569-1/
10
reference_url https://usn.ubuntu.com/7349-1/
reference_id USN-7349-1
reference_type
scores
url https://usn.ubuntu.com/7349-1/
11
reference_url https://usn.ubuntu.com/7350-1/
reference_id USN-7350-1
reference_type
scores
url https://usn.ubuntu.com/7350-1/
12
reference_url https://blog.sonarsource.com/zimbra-pre-auth-rce-via-unrar-0day/
reference_id zimbra-pre-auth-rce-via-unrar-0day
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-01-29T16:18:17Z/
url https://blog.sonarsource.com/zimbra-pre-auth-rce-via-unrar-0day/
13
reference_url http://packetstormsecurity.com/files/167989/Zimbra-UnRAR-Path-Traversal.html
reference_id Zimbra-UnRAR-Path-Traversal.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-01-29T16:18:17Z/
url http://packetstormsecurity.com/files/167989/Zimbra-UnRAR-Path-Traversal.html
fixed_packages
0
url pkg:deb/debian/unrar-nonfree@1:6.0.3-1%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:6.0.3-1%2Bdeb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:6.0.3-1%252Bdeb11u1%3Fdistro=trixie
1
url pkg:deb/debian/unrar-nonfree@1:6.0.3-1%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:6.0.3-1%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gkjf-x8s7-57dn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:6.0.3-1%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/unrar-nonfree@1:6.1.7-1?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:6.1.7-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:6.1.7-1%3Fdistro=trixie
3
url pkg:deb/debian/unrar-nonfree@1:6.2.6-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:6.2.6-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gkjf-x8s7-57dn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:6.2.6-1%252Bdeb12u1%3Fdistro=trixie
4
url pkg:deb/debian/unrar-nonfree@1:7.1.8-1?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:7.1.8-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:7.1.8-1%3Fdistro=trixie
5
url pkg:deb/debian/unrar-nonfree@1:7.2.5-1?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:7.2.5-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:7.2.5-1%3Fdistro=trixie
6
url pkg:deb/debian/unrar-nonfree@1:7.2.5-2?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:7.2.5-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:7.2.5-2%3Fdistro=trixie
aliases CVE-2022-30333
risk_score 10.0
exploitability 2.0
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gjr1-fc83-dfe6
5
url VCID-gkjf-x8s7-57dn
vulnerability_id VCID-gkjf-x8s7-57dn
summary RARLAB WinRAR before 7.00, on Linux and UNIX platforms, allows attackers to spoof the screen output, or cause a denial of service, via ANSI escape sequences.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-33899
reference_id
reference_type
scores
0
value 0.01033
scoring_system epss
scoring_elements 0.7738
published_at 2026-04-21T12:55:00Z
1
value 0.01033
scoring_system epss
scoring_elements 0.77373
published_at 2026-04-11T12:55:00Z
2
value 0.01033
scoring_system epss
scoring_elements 0.77352
published_at 2026-04-12T12:55:00Z
3
value 0.01033
scoring_system epss
scoring_elements 0.77349
published_at 2026-04-13T12:55:00Z
4
value 0.01033
scoring_system epss
scoring_elements 0.77389
published_at 2026-04-16T12:55:00Z
5
value 0.01033
scoring_system epss
scoring_elements 0.77388
published_at 2026-04-18T12:55:00Z
6
value 0.01033
scoring_system epss
scoring_elements 0.77297
published_at 2026-04-02T12:55:00Z
7
value 0.01033
scoring_system epss
scoring_elements 0.77325
published_at 2026-04-04T12:55:00Z
8
value 0.01033
scoring_system epss
scoring_elements 0.77306
published_at 2026-04-07T12:55:00Z
9
value 0.01033
scoring_system epss
scoring_elements 0.77337
published_at 2026-04-08T12:55:00Z
10
value 0.01033
scoring_system epss
scoring_elements 0.77346
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-33899
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33899
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33899
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://sdushantha.medium.com/ansi-escape-injection-vulnerability-in-winrar-a2cbfac4b983
reference_id ansi-escape-injection-vulnerability-in-winrar-a2cbfac4b983
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-22T20:30:00Z/
url https://sdushantha.medium.com/ansi-escape-injection-vulnerability-in-winrar-a2cbfac4b983
4
reference_url https://www.rarlab.com/rarnew.htm
reference_id rarnew.htm
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-22T20:30:00Z/
url https://www.rarlab.com/rarnew.htm
5
reference_url https://usn.ubuntu.com/7350-1/
reference_id USN-7350-1
reference_type
scores
url https://usn.ubuntu.com/7350-1/
fixed_packages
0
url pkg:deb/debian/unrar-nonfree@1:7.0.3-1?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:7.0.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:7.0.3-1%3Fdistro=trixie
1
url pkg:deb/debian/unrar-nonfree@1:7.1.8-1?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:7.1.8-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:7.1.8-1%3Fdistro=trixie
2
url pkg:deb/debian/unrar-nonfree@1:7.2.5-1?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:7.2.5-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:7.2.5-1%3Fdistro=trixie
3
url pkg:deb/debian/unrar-nonfree@1:7.2.5-2?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:7.2.5-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:7.2.5-2%3Fdistro=trixie
aliases CVE-2024-33899
risk_score 1.8
exploitability 0.5
weighted_severity 3.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gkjf-x8s7-57dn
6
url VCID-hfdc-gb8e-5ydx
vulnerability_id VCID-hfdc-gb8e-5ydx
summary UnRAR 5.6.1.7 through 5.7.4 and 6.0.3 has an out-of-bounds write during a memcpy in QuickOpen::ReadRaw when called from QuickOpen::ReadNext.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-25018
reference_id
reference_type
scores
0
value 0.0041
scoring_system epss
scoring_elements 0.61375
published_at 2026-04-21T12:55:00Z
1
value 0.0041
scoring_system epss
scoring_elements 0.61226
published_at 2026-04-01T12:55:00Z
2
value 0.0041
scoring_system epss
scoring_elements 0.61306
published_at 2026-04-02T12:55:00Z
3
value 0.0041
scoring_system epss
scoring_elements 0.61335
published_at 2026-04-04T12:55:00Z
4
value 0.0041
scoring_system epss
scoring_elements 0.61303
published_at 2026-04-07T12:55:00Z
5
value 0.0041
scoring_system epss
scoring_elements 0.6135
published_at 2026-04-08T12:55:00Z
6
value 0.0041
scoring_system epss
scoring_elements 0.61365
published_at 2026-04-09T12:55:00Z
7
value 0.0041
scoring_system epss
scoring_elements 0.61386
published_at 2026-04-11T12:55:00Z
8
value 0.0041
scoring_system epss
scoring_elements 0.61372
published_at 2026-04-12T12:55:00Z
9
value 0.0041
scoring_system epss
scoring_elements 0.61353
published_at 2026-04-13T12:55:00Z
10
value 0.0041
scoring_system epss
scoring_elements 0.61392
published_at 2026-04-16T12:55:00Z
11
value 0.0041
scoring_system epss
scoring_elements 0.61396
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-25018
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25018
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25018
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990541
reference_id 990541
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990541
fixed_packages
0
url pkg:deb/debian/unrar-nonfree@1:5.6.6-1?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:5.6.6-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:5.6.6-1%3Fdistro=trixie
1
url pkg:deb/debian/unrar-nonfree@1:6.0.3-1%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:6.0.3-1%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gkjf-x8s7-57dn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:6.0.3-1%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/unrar-nonfree@1:6.2.6-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:6.2.6-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gkjf-x8s7-57dn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:6.2.6-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/unrar-nonfree@1:7.1.8-1?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:7.1.8-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:7.1.8-1%3Fdistro=trixie
4
url pkg:deb/debian/unrar-nonfree@1:7.2.5-1?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:7.2.5-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:7.2.5-1%3Fdistro=trixie
5
url pkg:deb/debian/unrar-nonfree@1:7.2.5-2?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:7.2.5-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:7.2.5-2%3Fdistro=trixie
aliases CVE-2018-25018
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hfdc-gb8e-5ydx
7
url VCID-k4zz-huer-13hq
vulnerability_id VCID-k4zz-huer-13hq
summary UnRAR before 6.2.3 allows extraction of files outside of the destination folder via symlink chains.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-48579
reference_id
reference_type
scores
0
value 0.00076
scoring_system epss
scoring_elements 0.2277
published_at 2026-04-21T12:55:00Z
1
value 0.00076
scoring_system epss
scoring_elements 0.2291
published_at 2026-04-02T12:55:00Z
2
value 0.00076
scoring_system epss
scoring_elements 0.22802
published_at 2026-04-13T12:55:00Z
3
value 0.00076
scoring_system epss
scoring_elements 0.22816
published_at 2026-04-16T12:55:00Z
4
value 0.00076
scoring_system epss
scoring_elements 0.2281
published_at 2026-04-18T12:55:00Z
5
value 0.00076
scoring_system epss
scoring_elements 0.22954
published_at 2026-04-04T12:55:00Z
6
value 0.00076
scoring_system epss
scoring_elements 0.22747
published_at 2026-04-07T12:55:00Z
7
value 0.00076
scoring_system epss
scoring_elements 0.22823
published_at 2026-04-08T12:55:00Z
8
value 0.00076
scoring_system epss
scoring_elements 0.22876
published_at 2026-04-09T12:55:00Z
9
value 0.00076
scoring_system epss
scoring_elements 0.22895
published_at 2026-04-11T12:55:00Z
10
value 0.00076
scoring_system epss
scoring_elements 0.22858
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-48579
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48579
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48579
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1050080
reference_id 1050080
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1050080
4
reference_url https://github.com/pmachapman/unrar/commit/2ecab6bb5ac4f3b88f270218445496662020205f#diff-ca3086f578522062d7e390ed2cd7e10f646378a8b8cbf287a6e4db5966df68ee
reference_id 2ecab6bb5ac4f3b88f270218445496662020205f#diff-ca3086f578522062d7e390ed2cd7e10f646378a8b8cbf287a6e4db5966df68ee
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-17T13:56:53Z/
url https://github.com/pmachapman/unrar/commit/2ecab6bb5ac4f3b88f270218445496662020205f#diff-ca3086f578522062d7e390ed2cd7e10f646378a8b8cbf287a6e4db5966df68ee
5
reference_url https://lists.debian.org/debian-lts-announce/2023/08/msg00023.html
reference_id msg00023.html
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-17T13:56:53Z/
url https://lists.debian.org/debian-lts-announce/2023/08/msg00023.html
6
reference_url https://usn.ubuntu.com/7350-1/
reference_id USN-7350-1
reference_type
scores
url https://usn.ubuntu.com/7350-1/
fixed_packages
0
url pkg:deb/debian/unrar-nonfree@1:6.0.3-1%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:6.0.3-1%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:6.0.3-1%252Bdeb11u2%3Fdistro=trixie
1
url pkg:deb/debian/unrar-nonfree@1:6.0.3-1%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:6.0.3-1%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gkjf-x8s7-57dn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:6.0.3-1%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/unrar-nonfree@1:6.2.3-1?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:6.2.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:6.2.3-1%3Fdistro=trixie
3
url pkg:deb/debian/unrar-nonfree@1:6.2.6-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:6.2.6-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gkjf-x8s7-57dn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:6.2.6-1%252Bdeb12u1%3Fdistro=trixie
4
url pkg:deb/debian/unrar-nonfree@1:7.1.8-1?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:7.1.8-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:7.1.8-1%3Fdistro=trixie
5
url pkg:deb/debian/unrar-nonfree@1:7.2.5-1?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:7.2.5-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:7.2.5-1%3Fdistro=trixie
6
url pkg:deb/debian/unrar-nonfree@1:7.2.5-2?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:7.2.5-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:7.2.5-2%3Fdistro=trixie
aliases CVE-2022-48579
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k4zz-huer-13hq
8
url VCID-k7bd-dhht-xqa2
vulnerability_id VCID-k7bd-dhht-xqa2
summary UnRAR before 5.5.7 allows remote attackers to bypass a directory-traversal protection mechanism via vectors involving a symlink to the . directory, a symlink to the .. directory, and a regular file.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-12938
reference_id
reference_type
scores
0
value 0.0089
scoring_system epss
scoring_elements 0.75553
published_at 2026-04-21T12:55:00Z
1
value 0.0089
scoring_system epss
scoring_elements 0.75567
published_at 2026-04-18T12:55:00Z
2
value 0.0089
scoring_system epss
scoring_elements 0.75465
published_at 2026-04-01T12:55:00Z
3
value 0.0089
scoring_system epss
scoring_elements 0.75467
published_at 2026-04-02T12:55:00Z
4
value 0.0089
scoring_system epss
scoring_elements 0.75498
published_at 2026-04-04T12:55:00Z
5
value 0.0089
scoring_system epss
scoring_elements 0.75478
published_at 2026-04-07T12:55:00Z
6
value 0.0089
scoring_system epss
scoring_elements 0.7552
published_at 2026-04-08T12:55:00Z
7
value 0.0089
scoring_system epss
scoring_elements 0.7553
published_at 2026-04-09T12:55:00Z
8
value 0.0089
scoring_system epss
scoring_elements 0.7555
published_at 2026-04-11T12:55:00Z
9
value 0.0089
scoring_system epss
scoring_elements 0.75528
published_at 2026-04-12T12:55:00Z
10
value 0.0089
scoring_system epss
scoring_elements 0.75519
published_at 2026-04-13T12:55:00Z
11
value 0.0089
scoring_system epss
scoring_elements 0.75561
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-12938
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12938
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12938
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N
1
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
fixed_packages
0
url pkg:deb/debian/unrar-nonfree@1:5.5.8-1?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:5.5.8-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:5.5.8-1%3Fdistro=trixie
1
url pkg:deb/debian/unrar-nonfree@1:6.0.3-1%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:6.0.3-1%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gkjf-x8s7-57dn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:6.0.3-1%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/unrar-nonfree@1:6.2.6-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:6.2.6-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gkjf-x8s7-57dn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:6.2.6-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/unrar-nonfree@1:7.1.8-1?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:7.1.8-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:7.1.8-1%3Fdistro=trixie
4
url pkg:deb/debian/unrar-nonfree@1:7.2.5-1?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:7.2.5-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:7.2.5-1%3Fdistro=trixie
5
url pkg:deb/debian/unrar-nonfree@1:7.2.5-2?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:7.2.5-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:7.2.5-2%3Fdistro=trixie
aliases CVE-2017-12938
risk_score 1.6
exploitability 0.5
weighted_severity 3.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k7bd-dhht-xqa2
9
url VCID-pu5p-qncp-nyb9
vulnerability_id VCID-pu5p-qncp-nyb9
summary 
RAR and UnRAR contain a buffer overflow allowing the execution of arbitrary
    code.
references
0
reference_url http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=472
reference_id
reference_type
scores
url http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=472
1
reference_url http://osvdb.org/33124
reference_id
reference_type
scores
url http://osvdb.org/33124
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-0855
reference_id
reference_type
scores
0
value 0.05503
scoring_system epss
scoring_elements 0.90245
published_at 2026-04-21T12:55:00Z
1
value 0.05503
scoring_system epss
scoring_elements 0.90186
published_at 2026-04-01T12:55:00Z
2
value 0.05503
scoring_system epss
scoring_elements 0.90189
published_at 2026-04-02T12:55:00Z
3
value 0.05503
scoring_system epss
scoring_elements 0.90202
published_at 2026-04-04T12:55:00Z
4
value 0.05503
scoring_system epss
scoring_elements 0.90207
published_at 2026-04-07T12:55:00Z
5
value 0.05503
scoring_system epss
scoring_elements 0.90223
published_at 2026-04-08T12:55:00Z
6
value 0.05503
scoring_system epss
scoring_elements 0.90229
published_at 2026-04-09T12:55:00Z
7
value 0.05503
scoring_system epss
scoring_elements 0.90237
published_at 2026-04-11T12:55:00Z
8
value 0.05503
scoring_system epss
scoring_elements 0.90236
published_at 2026-04-12T12:55:00Z
9
value 0.05503
scoring_system epss
scoring_elements 0.90231
published_at 2026-04-13T12:55:00Z
10
value 0.05503
scoring_system epss
scoring_elements 0.90248
published_at 2026-04-16T12:55:00Z
11
value 0.05503
scoring_system epss
scoring_elements 0.90249
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-0855
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0855
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0855
4
reference_url http://secunia.com/advisories/24077
reference_id
reference_type
scores
url http://secunia.com/advisories/24077
5
reference_url http://secunia.com/advisories/24165
reference_id
reference_type
scores
url http://secunia.com/advisories/24165
6
reference_url http://security.gentoo.org/glsa/glsa-200702-04.xml
reference_id
reference_type
scores
url http://security.gentoo.org/glsa/glsa-200702-04.xml
7
reference_url http://securitytracker.com/id?1017593
reference_id
reference_type
scores
url http://securitytracker.com/id?1017593
8
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/32357
reference_id
reference_type
scores
url https://exchange.xforce.ibmcloud.com/vulnerabilities/32357
9
reference_url http://www.novell.com/linux/security/advisories/2007_5_sr.html
reference_id
reference_type
scores
url http://www.novell.com/linux/security/advisories/2007_5_sr.html
10
reference_url http://www.securityfocus.com/bid/22447
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/22447
11
reference_url http://www.vupen.com/english/advisories/2007/0523
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2007/0523
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=410580
reference_id 410580
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=410580
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=410582
reference_id 410582
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=410582
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rarlab:unrar:3.60:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rarlab:unrar:3.60:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rarlab:unrar:3.60:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rarlab:unrar:3.61:*:*:*:*:*:*:*
reference_id cpe:2.3:a:rarlab:unrar:3.61:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rarlab:unrar:3.61:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2007-0855
reference_id CVE-2007-0855
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
url https://nvd.nist.gov/vuln/detail/CVE-2007-0855
17
reference_url https://security.gentoo.org/glsa/200702-04
reference_id GLSA-200702-04
reference_type
scores
url https://security.gentoo.org/glsa/200702-04
fixed_packages
0
url pkg:deb/debian/unrar-nonfree@1:3.7.3-1?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:3.7.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:3.7.3-1%3Fdistro=trixie
1
url pkg:deb/debian/unrar-nonfree@1:6.0.3-1%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:6.0.3-1%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gkjf-x8s7-57dn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:6.0.3-1%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/unrar-nonfree@1:6.2.6-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:6.2.6-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gkjf-x8s7-57dn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:6.2.6-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/unrar-nonfree@1:7.1.8-1?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:7.1.8-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:7.1.8-1%3Fdistro=trixie
4
url pkg:deb/debian/unrar-nonfree@1:7.2.5-1?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:7.2.5-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:7.2.5-1%3Fdistro=trixie
5
url pkg:deb/debian/unrar-nonfree@1:7.2.5-2?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:7.2.5-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:7.2.5-2%3Fdistro=trixie
aliases CVE-2007-0855
risk_score 3.0
exploitability 0.5
weighted_severity 6.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pu5p-qncp-nyb9
10
url VCID-puzg-hype-rqge
vulnerability_id VCID-puzg-hype-rqge
summary 
Multiple vulnerabilities have been found in RAR and UnRAR, the
    worst of which may allow attackers to execute arbitrary code.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-12942
reference_id
reference_type
scores
0
value 0.00479
scoring_system epss
scoring_elements 0.65073
published_at 2026-04-21T12:55:00Z
1
value 0.00479
scoring_system epss
scoring_elements 0.65089
published_at 2026-04-18T12:55:00Z
2
value 0.00479
scoring_system epss
scoring_elements 0.64961
published_at 2026-04-01T12:55:00Z
3
value 0.00479
scoring_system epss
scoring_elements 0.65011
published_at 2026-04-02T12:55:00Z
4
value 0.00479
scoring_system epss
scoring_elements 0.65038
published_at 2026-04-04T12:55:00Z
5
value 0.00479
scoring_system epss
scoring_elements 0.65
published_at 2026-04-07T12:55:00Z
6
value 0.00479
scoring_system epss
scoring_elements 0.65049
published_at 2026-04-08T12:55:00Z
7
value 0.00479
scoring_system epss
scoring_elements 0.65063
published_at 2026-04-09T12:55:00Z
8
value 0.00479
scoring_system epss
scoring_elements 0.65081
published_at 2026-04-11T12:55:00Z
9
value 0.00479
scoring_system epss
scoring_elements 0.6507
published_at 2026-04-12T12:55:00Z
10
value 0.00479
scoring_system epss
scoring_elements 0.65043
published_at 2026-04-13T12:55:00Z
11
value 0.00479
scoring_system epss
scoring_elements 0.6508
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-12942
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12942
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12942
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:P/I:P/A:P
1
value 5.6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://security.gentoo.org/glsa/201709-24
reference_id GLSA-201709-24
reference_type
scores
url https://security.gentoo.org/glsa/201709-24
fixed_packages
0
url pkg:deb/debian/unrar-nonfree@1:5.5.8-1?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:5.5.8-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:5.5.8-1%3Fdistro=trixie
1
url pkg:deb/debian/unrar-nonfree@1:6.0.3-1%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:6.0.3-1%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gkjf-x8s7-57dn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:6.0.3-1%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/unrar-nonfree@1:6.2.6-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:6.2.6-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gkjf-x8s7-57dn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:6.2.6-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/unrar-nonfree@1:7.1.8-1?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:7.1.8-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:7.1.8-1%3Fdistro=trixie
4
url pkg:deb/debian/unrar-nonfree@1:7.2.5-1?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:7.2.5-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:7.2.5-1%3Fdistro=trixie
5
url pkg:deb/debian/unrar-nonfree@1:7.2.5-2?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:7.2.5-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:7.2.5-2%3Fdistro=trixie
aliases CVE-2017-12942
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-puzg-hype-rqge
11
url VCID-tsuy-3xvt-bqgv
vulnerability_id VCID-tsuy-3xvt-bqgv
summary 
Multiple vulnerabilities have been found in RAR and UnRAR, the
    worst of which may allow attackers to execute arbitrary code.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-12941
reference_id
reference_type
scores
0
value 0.00484
scoring_system epss
scoring_elements 0.65312
published_at 2026-04-18T12:55:00Z
1
value 0.00484
scoring_system epss
scoring_elements 0.65302
published_at 2026-04-16T12:55:00Z
2
value 0.00484
scoring_system epss
scoring_elements 0.65187
published_at 2026-04-01T12:55:00Z
3
value 0.00484
scoring_system epss
scoring_elements 0.65236
published_at 2026-04-02T12:55:00Z
4
value 0.00484
scoring_system epss
scoring_elements 0.65262
published_at 2026-04-04T12:55:00Z
5
value 0.00484
scoring_system epss
scoring_elements 0.65228
published_at 2026-04-07T12:55:00Z
6
value 0.00484
scoring_system epss
scoring_elements 0.65277
published_at 2026-04-08T12:55:00Z
7
value 0.00484
scoring_system epss
scoring_elements 0.6529
published_at 2026-04-09T12:55:00Z
8
value 0.00484
scoring_system epss
scoring_elements 0.65308
published_at 2026-04-11T12:55:00Z
9
value 0.00484
scoring_system epss
scoring_elements 0.65295
published_at 2026-04-21T12:55:00Z
10
value 0.00484
scoring_system epss
scoring_elements 0.65267
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-12941
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12941
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12941
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
1
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://security.gentoo.org/glsa/201709-24
reference_id GLSA-201709-24
reference_type
scores
url https://security.gentoo.org/glsa/201709-24
fixed_packages
0
url pkg:deb/debian/unrar-nonfree@1:5.5.8-1?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:5.5.8-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:5.5.8-1%3Fdistro=trixie
1
url pkg:deb/debian/unrar-nonfree@1:6.0.3-1%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:6.0.3-1%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gkjf-x8s7-57dn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:6.0.3-1%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/unrar-nonfree@1:6.2.6-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:6.2.6-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gkjf-x8s7-57dn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:6.2.6-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/unrar-nonfree@1:7.1.8-1?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:7.1.8-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:7.1.8-1%3Fdistro=trixie
4
url pkg:deb/debian/unrar-nonfree@1:7.2.5-1?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:7.2.5-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:7.2.5-1%3Fdistro=trixie
5
url pkg:deb/debian/unrar-nonfree@1:7.2.5-2?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:7.2.5-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:7.2.5-2%3Fdistro=trixie
aliases CVE-2017-12941
risk_score 1.3
exploitability 0.5
weighted_severity 2.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tsuy-3xvt-bqgv
12
url VCID-xz6c-axe8-8qbn
vulnerability_id VCID-xz6c-axe8-8qbn
summary An arbitrary file overwrite vulnerability has been discovered in RAR and UnRAR, potentially resulting in arbitrary code execution.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-40477
reference_id
reference_type
scores
0
value 0.92803
scoring_system epss
scoring_elements 0.9976
published_at 2026-04-13T12:55:00Z
1
value 0.92803
scoring_system epss
scoring_elements 0.99759
published_at 2026-04-02T12:55:00Z
2
value 0.92803
scoring_system epss
scoring_elements 0.99761
published_at 2026-04-18T12:55:00Z
3
value 0.92835
scoring_system epss
scoring_elements 0.99765
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-40477
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40477
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40477
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://security.gentoo.org/glsa/202309-04
reference_id GLSA-202309-04
reference_type
scores
url https://security.gentoo.org/glsa/202309-04
4
reference_url https://security.gentoo.org/glsa/202507-03
reference_id GLSA-202507-03
reference_type
scores
url https://security.gentoo.org/glsa/202507-03
5
reference_url https://www.win-rar.com/singlenewsview.html?&L=0&tx_ttnews%5Btt_news%5D=232&cHash=c5bf79590657e32554c6683296a8e8aa
reference_id singlenewsview.html?&L=0&tx_ttnews%5Btt_news%5D=232&cHash=c5bf79590657e32554c6683296a8e8aa
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-18T13:35:58Z/
url https://www.win-rar.com/singlenewsview.html?&L=0&tx_ttnews%5Btt_news%5D=232&cHash=c5bf79590657e32554c6683296a8e8aa
6
reference_url https://usn.ubuntu.com/6569-1/
reference_id USN-6569-1
reference_type
scores
url https://usn.ubuntu.com/6569-1/
7
reference_url https://usn.ubuntu.com/7349-1/
reference_id USN-7349-1
reference_type
scores
url https://usn.ubuntu.com/7349-1/
8
reference_url https://usn.ubuntu.com/7350-1/
reference_id USN-7350-1
reference_type
scores
url https://usn.ubuntu.com/7350-1/
9
reference_url https://www.zerodayinitiative.com/advisories/ZDI-23-1152/
reference_id ZDI-23-1152
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-18T13:35:58Z/
url https://www.zerodayinitiative.com/advisories/ZDI-23-1152/
fixed_packages
0
url pkg:deb/debian/unrar-nonfree@1:6.0.3-1%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:6.0.3-1%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gkjf-x8s7-57dn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:6.0.3-1%252Bdeb11u3%3Fdistro=trixie
1
url pkg:deb/debian/unrar-nonfree@1:6.2.6-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:6.2.6-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gkjf-x8s7-57dn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:6.2.6-1%252Bdeb12u1%3Fdistro=trixie
2
url pkg:deb/debian/unrar-nonfree@1:6.2.10-1?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:6.2.10-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:6.2.10-1%3Fdistro=trixie
3
url pkg:deb/debian/unrar-nonfree@1:7.1.8-1?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:7.1.8-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:7.1.8-1%3Fdistro=trixie
4
url pkg:deb/debian/unrar-nonfree@1:7.2.5-1?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:7.2.5-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:7.2.5-1%3Fdistro=trixie
5
url pkg:deb/debian/unrar-nonfree@1:7.2.5-2?distro=trixie
purl pkg:deb/debian/unrar-nonfree@1:7.2.5-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:7.2.5-2%3Fdistro=trixie
aliases CVE-2023-40477
risk_score 9.4
exploitability 2.0
weighted_severity 4.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xz6c-axe8-8qbn
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/unrar-nonfree@1:7.2.5-1%3Fdistro=trixie