Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/unrar-nonfree@1:5.3.2-1%2Bdeb9u1
purl pkg:deb/debian/unrar-nonfree@1:5.3.2-1%2Bdeb9u1
Next non-vulnerable version 1:7.1.8-1
Latest non-vulnerable version 1:7.1.8-1
Risk 10.0
Vulnerabilities affecting this package (10)
Vulnerability Summary Fixed by
VCID-bv1j-kw6x-2be3
Aliases:
CVE-2012-6706
Multiple vulnerabilities have been found in ClamAV, the worst of which may allow remote attackers to execute arbitrary code.
1:5.6.6-1+deb10u1
Affected by 3 other vulnerabilities.
VCID-f34r-6g94-kfbb
Aliases:
CVE-2017-12940
Multiple vulnerabilities have been found in RAR and UnRAR, the worst of which may allow attackers to execute arbitrary code.
1:5.6.6-1+deb10u1
Affected by 3 other vulnerabilities.
VCID-fgxb-t1tg-kyay
Aliases:
CVE-2017-20006
UnRAR 5.6.1.2 and 5.6.1.3 has a heap-based buffer overflow in Unpack::CopyString (called from Unpack::Unpack5 and CmdExtract::ExtractCurrentFile).
1:5.6.6-1+deb10u1
Affected by 3 other vulnerabilities.
VCID-gjr1-fc83-dfe6
Aliases:
CVE-2022-30333
An arbitrary file overwrite vulnerability has been discovered in RAR and UnRAR, potentially resulting in arbitrary code execution.
1:6.0.3-1+deb11u3
Affected by 1 other vulnerability.
VCID-hfdc-gb8e-5ydx
Aliases:
CVE-2018-25018
UnRAR 5.6.1.7 through 5.7.4 and 6.0.3 has an out-of-bounds write during a memcpy in QuickOpen::ReadRaw when called from QuickOpen::ReadNext.
1:5.6.6-1+deb10u1
Affected by 3 other vulnerabilities.
VCID-k4zz-huer-13hq
Aliases:
CVE-2022-48579
UnRAR before 6.2.3 allows extraction of files outside of the destination folder via symlink chains.
1:6.0.3-1+deb11u3
Affected by 1 other vulnerability.
VCID-k7bd-dhht-xqa2
Aliases:
CVE-2017-12938
UnRAR before 5.5.7 allows remote attackers to bypass a directory-traversal protection mechanism via vectors involving a symlink to the . directory, a symlink to the .. directory, and a regular file.
1:5.6.6-1+deb10u1
Affected by 3 other vulnerabilities.
VCID-puzg-hype-rqge
Aliases:
CVE-2017-12942
Multiple vulnerabilities have been found in RAR and UnRAR, the worst of which may allow attackers to execute arbitrary code.
1:5.6.6-1+deb10u1
Affected by 3 other vulnerabilities.
VCID-tsuy-3xvt-bqgv
Aliases:
CVE-2017-12941
Multiple vulnerabilities have been found in RAR and UnRAR, the worst of which may allow attackers to execute arbitrary code.
1:5.6.6-1+deb10u1
Affected by 3 other vulnerabilities.
VCID-xz6c-axe8-8qbn
Aliases:
CVE-2023-40477
An arbitrary file overwrite vulnerability has been discovered in RAR and UnRAR, potentially resulting in arbitrary code execution.
1:6.0.3-1+deb11u3
Affected by 1 other vulnerability.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-15T21:30:14.810132+00:00 Debian Oval Importer Affected by VCID-fgxb-t1tg-kyay https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T20:48:26.515998+00:00 Debian Oval Importer Affected by VCID-hfdc-gb8e-5ydx https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T20:45:44.579149+00:00 Debian Oval Importer Affected by VCID-f34r-6g94-kfbb https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T19:17:26.960255+00:00 Debian Oval Importer Affected by VCID-puzg-hype-rqge https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T17:46:56.429642+00:00 Debian Oval Importer Affected by VCID-gjr1-fc83-dfe6 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T17:33:15.845376+00:00 Debian Oval Importer Affected by VCID-k7bd-dhht-xqa2 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T16:47:23.450752+00:00 Debian Oval Importer Affected by VCID-k4zz-huer-13hq https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T16:00:57.599410+00:00 Debian Oval Importer Affected by VCID-xz6c-axe8-8qbn https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T15:48:31.035796+00:00 Debian Oval Importer Affected by VCID-tsuy-3xvt-bqgv https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T15:38:02.369196+00:00 Debian Oval Importer Affected by VCID-bv1j-kw6x-2be3 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-11T21:09:22.201572+00:00 Debian Oval Importer Affected by VCID-fgxb-t1tg-kyay https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T20:29:18.344524+00:00 Debian Oval Importer Affected by VCID-hfdc-gb8e-5ydx https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T20:26:40.740984+00:00 Debian Oval Importer Affected by VCID-f34r-6g94-kfbb https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T19:00:51.116720+00:00 Debian Oval Importer Affected by VCID-puzg-hype-rqge https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T17:32:53.714373+00:00 Debian Oval Importer Affected by VCID-gjr1-fc83-dfe6 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T17:19:36.021927+00:00 Debian Oval Importer Affected by VCID-k7bd-dhht-xqa2 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T16:34:10.724947+00:00 Debian Oval Importer Affected by VCID-k4zz-huer-13hq https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T15:48:31.288367+00:00 Debian Oval Importer Affected by VCID-xz6c-axe8-8qbn https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T15:36:12.331102+00:00 Debian Oval Importer Affected by VCID-tsuy-3xvt-bqgv https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T15:25:55.040875+00:00 Debian Oval Importer Affected by VCID-bv1j-kw6x-2be3 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-08T20:48:24.064144+00:00 Debian Oval Importer Affected by VCID-fgxb-t1tg-kyay https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T20:09:38.392866+00:00 Debian Oval Importer Affected by VCID-hfdc-gb8e-5ydx https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T20:07:08.755263+00:00 Debian Oval Importer Affected by VCID-f34r-6g94-kfbb https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T18:45:20.760231+00:00 Debian Oval Importer Affected by VCID-puzg-hype-rqge https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T17:20:42.880268+00:00 Debian Oval Importer Affected by VCID-gjr1-fc83-dfe6 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T17:08:03.773352+00:00 Debian Oval Importer Affected by VCID-k7bd-dhht-xqa2 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T16:25:09.600270+00:00 Debian Oval Importer Affected by VCID-k4zz-huer-13hq https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T15:42:02.999005+00:00 Debian Oval Importer Affected by VCID-xz6c-axe8-8qbn https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T15:30:12.788769+00:00 Debian Oval Importer Affected by VCID-tsuy-3xvt-bqgv https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T15:20:22.748233+00:00 Debian Oval Importer Affected by VCID-bv1j-kw6x-2be3 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0