VulnerableCode Package Details - pkg:deb/debian/minizip@1.1-5~bpo70%2B1

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/minizip@1.1-5~bpo70%2B1

Essentials
History (6)

purl	pkg:deb/debian/minizip@1.1-5~bpo70%2B1

Next non-vulnerable version	1.1-8+deb11u1
Latest non-vulnerable version	1.1-8+deb11u1
Risk	4.5

Vulnerabilities affecting this package (2)

Vulnerability	Summary	Fixed by
VCID-jb78-nstn-ykfr Aliases: CVE-2014-9485	Directory traversal vulnerability in the do_extract_currentfile function in miniunz.c in miniunzip in minizip before 1.1-5 might allow remote attackers to write to arbitrary files via a crafted entry in a ZIP archive.	1.1-8 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-v6pc-48dg-4kad Aliases: CVE-2023-45853 GHSA-mq29-j5xf-cjwr	Integer Overflow or Wraparound MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product.	1.1-8+deb11u1 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-15T21:59:37.766275+00:00	Debian Oval Importer	Affected by	VCID-v6pc-48dg-4kad	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T16:26:52.123932+00:00	Debian Oval Importer	Affected by	VCID-jb78-nstn-ykfr	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-11T21:37:52.621906+00:00	Debian Oval Importer	Affected by	VCID-v6pc-48dg-4kad	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T16:14:04.157822+00:00	Debian Oval Importer	Affected by	VCID-jb78-nstn-ykfr	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-08T21:15:56.027364+00:00	Debian Oval Importer	Affected by	VCID-v6pc-48dg-4kad	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T16:06:25.282893+00:00	Debian Oval Importer	Affected by	VCID-jb78-nstn-ykfr	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0