Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/unrar-nonfree@1:3.8.2-1
purl pkg:deb/debian/unrar-nonfree@1:3.8.2-1
Next non-vulnerable version 1:7.1.8-1
Latest non-vulnerable version 1:7.1.8-1
Risk 10.0
Vulnerabilities affecting this package (10)
Vulnerability Summary Fixed by
VCID-bv1j-kw6x-2be3
Aliases:
CVE-2012-6706
Multiple vulnerabilities have been found in ClamAV, the worst of which may allow remote attackers to execute arbitrary code.
1:5.6.6-1+deb10u1
Affected by 3 other vulnerabilities.
VCID-f34r-6g94-kfbb
Aliases:
CVE-2017-12940
Multiple vulnerabilities have been found in RAR and UnRAR, the worst of which may allow attackers to execute arbitrary code.
1:5.6.6-1+deb10u1
Affected by 3 other vulnerabilities.
VCID-fgxb-t1tg-kyay
Aliases:
CVE-2017-20006
UnRAR 5.6.1.2 and 5.6.1.3 has a heap-based buffer overflow in Unpack::CopyString (called from Unpack::Unpack5 and CmdExtract::ExtractCurrentFile).
1:5.6.6-1+deb10u1
Affected by 3 other vulnerabilities.
VCID-gjr1-fc83-dfe6
Aliases:
CVE-2022-30333
An arbitrary file overwrite vulnerability has been discovered in RAR and UnRAR, potentially resulting in arbitrary code execution.
1:6.0.3-1+deb11u3
Affected by 1 other vulnerability.
VCID-hfdc-gb8e-5ydx
Aliases:
CVE-2018-25018
UnRAR 5.6.1.7 through 5.7.4 and 6.0.3 has an out-of-bounds write during a memcpy in QuickOpen::ReadRaw when called from QuickOpen::ReadNext.
1:5.6.6-1+deb10u1
Affected by 3 other vulnerabilities.
VCID-k4zz-huer-13hq
Aliases:
CVE-2022-48579
UnRAR before 6.2.3 allows extraction of files outside of the destination folder via symlink chains.
1:6.0.3-1+deb11u3
Affected by 1 other vulnerability.
VCID-k7bd-dhht-xqa2
Aliases:
CVE-2017-12938
UnRAR before 5.5.7 allows remote attackers to bypass a directory-traversal protection mechanism via vectors involving a symlink to the . directory, a symlink to the .. directory, and a regular file.
1:5.6.6-1+deb10u1
Affected by 3 other vulnerabilities.
VCID-puzg-hype-rqge
Aliases:
CVE-2017-12942
Multiple vulnerabilities have been found in RAR and UnRAR, the worst of which may allow attackers to execute arbitrary code.
1:5.6.6-1+deb10u1
Affected by 3 other vulnerabilities.
VCID-tsuy-3xvt-bqgv
Aliases:
CVE-2017-12941
Multiple vulnerabilities have been found in RAR and UnRAR, the worst of which may allow attackers to execute arbitrary code.
1:5.6.6-1+deb10u1
Affected by 3 other vulnerabilities.
VCID-xz6c-axe8-8qbn
Aliases:
CVE-2023-40477
An arbitrary file overwrite vulnerability has been discovered in RAR and UnRAR, potentially resulting in arbitrary code execution.
1:6.0.3-1+deb11u3
Affected by 1 other vulnerability.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-pu5p-qncp-nyb9 RAR and UnRAR contain a buffer overflow allowing the execution of arbitrary code. CVE-2007-0855

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-15T21:30:14.779478+00:00 Debian Oval Importer Affected by VCID-fgxb-t1tg-kyay https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T20:48:26.497737+00:00 Debian Oval Importer Affected by VCID-hfdc-gb8e-5ydx https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T20:45:44.559229+00:00 Debian Oval Importer Affected by VCID-f34r-6g94-kfbb https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T20:11:33.442494+00:00 Debian Oval Importer Fixing VCID-pu5p-qncp-nyb9 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T19:17:26.942882+00:00 Debian Oval Importer Affected by VCID-puzg-hype-rqge https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T17:46:56.411347+00:00 Debian Oval Importer Affected by VCID-gjr1-fc83-dfe6 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T17:33:15.825825+00:00 Debian Oval Importer Affected by VCID-k7bd-dhht-xqa2 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T16:47:23.433205+00:00 Debian Oval Importer Affected by VCID-k4zz-huer-13hq https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T16:00:57.582025+00:00 Debian Oval Importer Affected by VCID-xz6c-axe8-8qbn https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T15:48:31.019421+00:00 Debian Oval Importer Affected by VCID-tsuy-3xvt-bqgv https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T15:38:02.350245+00:00 Debian Oval Importer Affected by VCID-bv1j-kw6x-2be3 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-11T21:09:22.183448+00:00 Debian Oval Importer Affected by VCID-fgxb-t1tg-kyay https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T20:29:18.323927+00:00 Debian Oval Importer Affected by VCID-hfdc-gb8e-5ydx https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T20:26:40.722747+00:00 Debian Oval Importer Affected by VCID-f34r-6g94-kfbb https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T19:53:16.641460+00:00 Debian Oval Importer Fixing VCID-pu5p-qncp-nyb9 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T19:00:51.095669+00:00 Debian Oval Importer Affected by VCID-puzg-hype-rqge https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T17:32:53.691528+00:00 Debian Oval Importer Affected by VCID-gjr1-fc83-dfe6 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T17:19:36.001819+00:00 Debian Oval Importer Affected by VCID-k7bd-dhht-xqa2 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T16:34:10.704874+00:00 Debian Oval Importer Affected by VCID-k4zz-huer-13hq https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T15:48:31.268008+00:00 Debian Oval Importer Affected by VCID-xz6c-axe8-8qbn https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T15:36:12.310287+00:00 Debian Oval Importer Affected by VCID-tsuy-3xvt-bqgv https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T15:25:55.019556+00:00 Debian Oval Importer Affected by VCID-bv1j-kw6x-2be3 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-08T20:48:24.042358+00:00 Debian Oval Importer Affected by VCID-fgxb-t1tg-kyay https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T20:09:38.371438+00:00 Debian Oval Importer Affected by VCID-hfdc-gb8e-5ydx https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T20:07:08.732709+00:00 Debian Oval Importer Affected by VCID-f34r-6g94-kfbb https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T19:35:29.540253+00:00 Debian Oval Importer Fixing VCID-pu5p-qncp-nyb9 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T18:45:20.738497+00:00 Debian Oval Importer Affected by VCID-puzg-hype-rqge https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T17:20:42.854749+00:00 Debian Oval Importer Affected by VCID-gjr1-fc83-dfe6 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T17:08:03.752170+00:00 Debian Oval Importer Affected by VCID-k7bd-dhht-xqa2 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T16:25:09.578728+00:00 Debian Oval Importer Affected by VCID-k4zz-huer-13hq https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T15:42:02.975046+00:00 Debian Oval Importer Affected by VCID-xz6c-axe8-8qbn https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T15:30:12.764089+00:00 Debian Oval Importer Affected by VCID-tsuy-3xvt-bqgv https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T15:20:22.721718+00:00 Debian Oval Importer Affected by VCID-bv1j-kw6x-2be3 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0