Search for packages
| purl | pkg:deb/debian/unrar-nonfree@1:5.6.6-1%2Bdeb10u1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-gjr1-fc83-dfe6
Aliases: CVE-2022-30333 |
An arbitrary file overwrite vulnerability has been discovered in RAR and UnRAR, potentially resulting in arbitrary code execution. |
Affected by 1 other vulnerability. |
|
VCID-k4zz-huer-13hq
Aliases: CVE-2022-48579 |
UnRAR before 6.2.3 allows extraction of files outside of the destination folder via symlink chains. |
Affected by 1 other vulnerability. |
|
VCID-xz6c-axe8-8qbn
Aliases: CVE-2023-40477 |
An arbitrary file overwrite vulnerability has been discovered in RAR and UnRAR, potentially resulting in arbitrary code execution. |
Affected by 1 other vulnerability. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-bv1j-kw6x-2be3 | Multiple vulnerabilities have been found in ClamAV, the worst of which may allow remote attackers to execute arbitrary code. |
CVE-2012-6706
|
| VCID-f34r-6g94-kfbb | Multiple vulnerabilities have been found in RAR and UnRAR, the worst of which may allow attackers to execute arbitrary code. |
CVE-2017-12940
|
| VCID-fgxb-t1tg-kyay | UnRAR 5.6.1.2 and 5.6.1.3 has a heap-based buffer overflow in Unpack::CopyString (called from Unpack::Unpack5 and CmdExtract::ExtractCurrentFile). |
CVE-2017-20006
|
| VCID-hfdc-gb8e-5ydx | UnRAR 5.6.1.7 through 5.7.4 and 6.0.3 has an out-of-bounds write during a memcpy in QuickOpen::ReadRaw when called from QuickOpen::ReadNext. |
CVE-2018-25018
|
| VCID-k7bd-dhht-xqa2 | UnRAR before 5.5.7 allows remote attackers to bypass a directory-traversal protection mechanism via vectors involving a symlink to the . directory, a symlink to the .. directory, and a regular file. |
CVE-2017-12938
|
| VCID-puzg-hype-rqge | Multiple vulnerabilities have been found in RAR and UnRAR, the worst of which may allow attackers to execute arbitrary code. |
CVE-2017-12942
|
| VCID-tsuy-3xvt-bqgv | Multiple vulnerabilities have been found in RAR and UnRAR, the worst of which may allow attackers to execute arbitrary code. |
CVE-2017-12941
|