Search for packages
| purl | pkg:ebuild/app-arch/unzip@6.0_p20 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-k658-w9mb-tyfq | unzip 6.0 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via an extra field with an uncompressed size smaller than the compressed field size in a zip archive that advertises STORED method compression. |
CVE-2014-9636
|
| VCID-kst5-hvc6-6ugy | Heap-based buffer overflow in the test_compr_eb function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command. |
CVE-2014-8140
|
| VCID-myfq-v13h-yue6 | Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command. |
CVE-2014-8139
|
| VCID-wz9z-wubj-ffg6 | Heap-based buffer overflow in the getZip64Data function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command. |
CVE-2014-8141
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-06-04T19:18:29.927459+00:00 | Gentoo Importer | Fixing | VCID-k658-w9mb-tyfq | https://security.gentoo.org/glsa/201611-01 | 38.6.0 |
| 2026-06-04T19:18:29.909519+00:00 | Gentoo Importer | Fixing | VCID-wz9z-wubj-ffg6 | https://security.gentoo.org/glsa/201611-01 | 38.6.0 |
| 2026-06-04T19:18:29.892897+00:00 | Gentoo Importer | Fixing | VCID-kst5-hvc6-6ugy | https://security.gentoo.org/glsa/201611-01 | 38.6.0 |
| 2026-06-04T19:18:29.877195+00:00 | Gentoo Importer | Fixing | VCID-myfq-v13h-yue6 | https://security.gentoo.org/glsa/201611-01 | 38.6.0 |