Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/unrar-nonfree@1:4.1.4-1%2Bdeb7u1
purl pkg:deb/debian/unrar-nonfree@1:4.1.4-1%2Bdeb7u1
Next non-vulnerable version 1:7.1.8-1
Latest non-vulnerable version 1:7.1.8-1
Risk 10.0
Vulnerabilities affecting this package (10)
Vulnerability Summary Fixed by
VCID-bv1j-kw6x-2be3
Aliases:
CVE-2012-6706
Multiple vulnerabilities have been found in ClamAV, the worst of which may allow remote attackers to execute arbitrary code.
1:5.6.6-1+deb10u1
Affected by 3 other vulnerabilities.
VCID-f34r-6g94-kfbb
Aliases:
CVE-2017-12940
Multiple vulnerabilities have been found in RAR and UnRAR, the worst of which may allow attackers to execute arbitrary code.
1:5.6.6-1+deb10u1
Affected by 3 other vulnerabilities.
VCID-fgxb-t1tg-kyay
Aliases:
CVE-2017-20006
UnRAR 5.6.1.2 and 5.6.1.3 has a heap-based buffer overflow in Unpack::CopyString (called from Unpack::Unpack5 and CmdExtract::ExtractCurrentFile).
1:5.6.6-1+deb10u1
Affected by 3 other vulnerabilities.
VCID-gjr1-fc83-dfe6
Aliases:
CVE-2022-30333
An arbitrary file overwrite vulnerability has been discovered in RAR and UnRAR, potentially resulting in arbitrary code execution.
1:6.0.3-1+deb11u3
Affected by 1 other vulnerability.
VCID-hfdc-gb8e-5ydx
Aliases:
CVE-2018-25018
UnRAR 5.6.1.7 through 5.7.4 and 6.0.3 has an out-of-bounds write during a memcpy in QuickOpen::ReadRaw when called from QuickOpen::ReadNext.
1:5.6.6-1+deb10u1
Affected by 3 other vulnerabilities.
VCID-k4zz-huer-13hq
Aliases:
CVE-2022-48579
UnRAR before 6.2.3 allows extraction of files outside of the destination folder via symlink chains.
1:6.0.3-1+deb11u3
Affected by 1 other vulnerability.
VCID-k7bd-dhht-xqa2
Aliases:
CVE-2017-12938
UnRAR before 5.5.7 allows remote attackers to bypass a directory-traversal protection mechanism via vectors involving a symlink to the . directory, a symlink to the .. directory, and a regular file.
1:5.6.6-1+deb10u1
Affected by 3 other vulnerabilities.
VCID-puzg-hype-rqge
Aliases:
CVE-2017-12942
Multiple vulnerabilities have been found in RAR and UnRAR, the worst of which may allow attackers to execute arbitrary code.
1:5.6.6-1+deb10u1
Affected by 3 other vulnerabilities.
VCID-tsuy-3xvt-bqgv
Aliases:
CVE-2017-12941
Multiple vulnerabilities have been found in RAR and UnRAR, the worst of which may allow attackers to execute arbitrary code.
1:5.6.6-1+deb10u1
Affected by 3 other vulnerabilities.
VCID-xz6c-axe8-8qbn
Aliases:
CVE-2023-40477
An arbitrary file overwrite vulnerability has been discovered in RAR and UnRAR, potentially resulting in arbitrary code execution.
1:6.0.3-1+deb11u3
Affected by 1 other vulnerability.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-15T21:30:14.793542+00:00 Debian Oval Importer Affected by VCID-fgxb-t1tg-kyay https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T20:48:26.505110+00:00 Debian Oval Importer Affected by VCID-hfdc-gb8e-5ydx https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T20:45:44.567215+00:00 Debian Oval Importer Affected by VCID-f34r-6g94-kfbb https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T19:17:26.949910+00:00 Debian Oval Importer Affected by VCID-puzg-hype-rqge https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T17:46:56.418760+00:00 Debian Oval Importer Affected by VCID-gjr1-fc83-dfe6 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T17:33:15.833568+00:00 Debian Oval Importer Affected by VCID-k7bd-dhht-xqa2 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T16:47:23.440223+00:00 Debian Oval Importer Affected by VCID-k4zz-huer-13hq https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T16:00:57.588969+00:00 Debian Oval Importer Affected by VCID-xz6c-axe8-8qbn https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T15:48:31.025978+00:00 Debian Oval Importer Affected by VCID-tsuy-3xvt-bqgv https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T15:38:02.358029+00:00 Debian Oval Importer Affected by VCID-bv1j-kw6x-2be3 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-11T21:09:22.190642+00:00 Debian Oval Importer Affected by VCID-fgxb-t1tg-kyay https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T20:29:18.332149+00:00 Debian Oval Importer Affected by VCID-hfdc-gb8e-5ydx https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T20:26:40.730223+00:00 Debian Oval Importer Affected by VCID-f34r-6g94-kfbb https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T19:00:51.103057+00:00 Debian Oval Importer Affected by VCID-puzg-hype-rqge https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T17:32:53.699522+00:00 Debian Oval Importer Affected by VCID-gjr1-fc83-dfe6 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T17:19:36.010013+00:00 Debian Oval Importer Affected by VCID-k7bd-dhht-xqa2 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T16:34:10.712825+00:00 Debian Oval Importer Affected by VCID-k4zz-huer-13hq https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T15:48:31.275978+00:00 Debian Oval Importer Affected by VCID-xz6c-axe8-8qbn https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T15:36:12.318777+00:00 Debian Oval Importer Affected by VCID-tsuy-3xvt-bqgv https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T15:25:55.028158+00:00 Debian Oval Importer Affected by VCID-bv1j-kw6x-2be3 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-08T20:48:24.051071+00:00 Debian Oval Importer Affected by VCID-fgxb-t1tg-kyay https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T20:09:38.379757+00:00 Debian Oval Importer Affected by VCID-hfdc-gb8e-5ydx https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T20:07:08.741553+00:00 Debian Oval Importer Affected by VCID-f34r-6g94-kfbb https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T18:45:20.747356+00:00 Debian Oval Importer Affected by VCID-puzg-hype-rqge https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T17:20:42.863585+00:00 Debian Oval Importer Affected by VCID-gjr1-fc83-dfe6 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T17:08:03.760578+00:00 Debian Oval Importer Affected by VCID-k7bd-dhht-xqa2 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T16:25:09.587383+00:00 Debian Oval Importer Affected by VCID-k4zz-huer-13hq https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T15:42:02.984744+00:00 Debian Oval Importer Affected by VCID-xz6c-axe8-8qbn https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T15:30:12.774297+00:00 Debian Oval Importer Affected by VCID-tsuy-3xvt-bqgv https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T15:20:22.732294+00:00 Debian Oval Importer Affected by VCID-bv1j-kw6x-2be3 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0