Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/minizip@1.1-8%2Bdeb11u1?distro=bullseye
purl pkg:deb/debian/minizip@1.1-8%2Bdeb11u1?distro=bullseye
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (2)
Vulnerability Summary Aliases
VCID-jb78-nstn-ykfr Directory traversal vulnerability in the do_extract_currentfile function in miniunz.c in miniunzip in minizip before 1.1-5 might allow remote attackers to write to arbitrary files via a crafted entry in a ZIP archive. CVE-2014-9485
VCID-v6pc-48dg-4kad Integer Overflow or Wraparound MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product. CVE-2023-45853
GHSA-mq29-j5xf-cjwr

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T10:27:42.403792+00:00 Debian Importer Fixing VCID-v6pc-48dg-4kad https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:31:33.693474+00:00 Debian Importer Fixing VCID-jb78-nstn-ykfr https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-13T07:03:30.572123+00:00 Debian Importer Fixing VCID-v6pc-48dg-4kad https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T18:21:06.451429+00:00 Debian Importer Fixing VCID-jb78-nstn-ykfr https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-03T07:46:01.028246+00:00 Debian Importer Fixing VCID-v6pc-48dg-4kad https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:46:01.003607+00:00 Debian Importer Fixing VCID-jb78-nstn-ykfr https://security-tracker.debian.org/tracker/data/json 38.1.0