Search for packages
| purl | pkg:deb/debian/cabextract@1.1-1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-324x-qevr-aaaq
Aliases: CVE-2015-2060 |
cabextract before 1.6 does not properly check for leading slashes when extracting files, which allows remote attackers to conduct absolute directory traversal attacks via a malformed UTF-8 character that is changed to a UTF-8 encoded slash. |
Affected by 0 other vulnerabilities. |
|
VCID-4p44-7jvz-aaad
Aliases: CVE-2010-2801 |
Integer signedness error in the Quantum decompressor in cabextract before 1.3, when archive test mode is used, allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Quantum archive in a .cab file, related to the libmspack library. |
Affected by 3 other vulnerabilities. |
|
VCID-4pxy-6rjv-aaae
Aliases: CVE-2018-18584 |
In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum block, leading to an out-of-bounds write. |
Affected by 1 other vulnerability. |
|
VCID-a3zp-cm4d-aaah
Aliases: CVE-2014-9556 |
Integer overflow in the qtmd_decompress function in libmspack 0.4 allows remote attackers to cause a denial of service (hang) via a crafted CAB file, which triggers an infinite loop. |
Affected by 1 other vulnerability. |
|
VCID-qdsf-s4m4-aaag
Aliases: CVE-2010-2800 |
The MS-ZIP decompressor in cabextract before 1.3 allows remote attackers to cause a denial of service (infinite loop) via a malformed MSZIP archive in a .cab file during a (1) test or (2) extract action, related to the libmspack library. |
Affected by 3 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-9sva-628m-aaah | Directory traversal vulnerability in cabextract before 1.1 allows remote attackers to overwrite arbitrary files via a cabinet file containing .. (dot dot) sequences in a filename. |
CVE-2004-0916
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-06-21T17:00:53.545920+00:00 | Debian Oval Importer | Affected by | VCID-4pxy-6rjv-aaae | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T16:37:03.760256+00:00 | Debian Oval Importer | Affected by | VCID-a3zp-cm4d-aaah | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T14:00:01.183089+00:00 | Debian Oval Importer | Affected by | VCID-4p44-7jvz-aaad | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T13:59:50.580643+00:00 | Debian Oval Importer | Affected by | VCID-qdsf-s4m4-aaag | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T13:10:21.560759+00:00 | Debian Oval Importer | Fixing | VCID-9sva-628m-aaah | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T13:05:44.726580+00:00 | Debian Oval Importer | Affected by | VCID-324x-qevr-aaaq | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T01:03:07.386120+00:00 | Debian Oval Importer | Fixing | VCID-9sva-628m-aaah | None | 36.1.3 |
| 2025-06-21T00:30:29.256858+00:00 | Debian Oval Importer | Affected by | VCID-qdsf-s4m4-aaag | None | 36.1.3 |
| 2025-06-21T00:22:15.053978+00:00 | Debian Oval Importer | Affected by | VCID-a3zp-cm4d-aaah | None | 36.1.3 |
| 2025-06-20T23:57:20.127094+00:00 | Debian Oval Importer | Affected by | VCID-4pxy-6rjv-aaae | None | 36.1.3 |
| 2025-06-20T21:49:33.344523+00:00 | Debian Oval Importer | Affected by | VCID-324x-qevr-aaaq | None | 36.1.3 |
| 2025-06-20T21:06:00.476775+00:00 | Debian Oval Importer | Affected by | VCID-4p44-7jvz-aaad | None | 36.1.3 |
| 2025-06-08T12:55:45.938916+00:00 | Debian Oval Importer | Affected by | VCID-a3zp-cm4d-aaah | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.0 |
| 2025-06-08T12:43:07.444448+00:00 | Debian Oval Importer | Affected by | VCID-4pxy-6rjv-aaae | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.0 |
| 2025-06-08T12:32:47.139254+00:00 | Debian Oval Importer | Fixing | VCID-9sva-628m-aaah | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.0 |
| 2025-06-08T09:45:56.543813+00:00 | Debian Oval Importer | Affected by | VCID-4pxy-6rjv-aaae | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T09:22:39.982593+00:00 | Debian Oval Importer | Affected by | VCID-a3zp-cm4d-aaah | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T06:54:09.052371+00:00 | Debian Oval Importer | Affected by | VCID-4p44-7jvz-aaad | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T06:53:58.758184+00:00 | Debian Oval Importer | Affected by | VCID-qdsf-s4m4-aaag | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T06:05:07.003595+00:00 | Debian Oval Importer | Fixing | VCID-9sva-628m-aaah | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T06:00:36.800127+00:00 | Debian Oval Importer | Affected by | VCID-324x-qevr-aaaq | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-07T18:25:38.627735+00:00 | Debian Oval Importer | Fixing | VCID-9sva-628m-aaah | None | 36.1.0 |
| 2025-06-07T17:53:08.537563+00:00 | Debian Oval Importer | Affected by | VCID-qdsf-s4m4-aaag | None | 36.1.0 |
| 2025-06-07T17:45:04.232793+00:00 | Debian Oval Importer | Affected by | VCID-a3zp-cm4d-aaah | None | 36.1.0 |
| 2025-06-07T17:20:14.157820+00:00 | Debian Oval Importer | Affected by | VCID-4pxy-6rjv-aaae | None | 36.1.0 |
| 2025-06-07T15:12:41.023915+00:00 | Debian Oval Importer | Affected by | VCID-324x-qevr-aaaq | None | 36.1.0 |
| 2025-06-07T14:31:57.311591+00:00 | Debian Oval Importer | Affected by | VCID-4p44-7jvz-aaad | None | 36.1.0 |
| 2025-04-12T20:58:32.604385+00:00 | Debian Oval Importer | Affected by | VCID-4p44-7jvz-aaad | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T20:11:20.673349+00:00 | Debian Oval Importer | Affected by | VCID-qdsf-s4m4-aaag | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T20:05:03.520425+00:00 | Debian Oval Importer | Affected by | VCID-324x-qevr-aaaq | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T18:43:00.501365+00:00 | Debian Oval Importer | Affected by | VCID-a3zp-cm4d-aaah | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T18:29:56.949888+00:00 | Debian Oval Importer | Affected by | VCID-4pxy-6rjv-aaae | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T18:19:13.633271+00:00 | Debian Oval Importer | Fixing | VCID-9sva-628m-aaah | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-08T08:18:15.031319+00:00 | Debian Oval Importer | Affected by | VCID-4pxy-6rjv-aaae | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T07:54:56.169379+00:00 | Debian Oval Importer | Affected by | VCID-a3zp-cm4d-aaah | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T05:26:37.844635+00:00 | Debian Oval Importer | Affected by | VCID-4p44-7jvz-aaad | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T05:26:27.277852+00:00 | Debian Oval Importer | Affected by | VCID-qdsf-s4m4-aaag | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T04:37:09.476659+00:00 | Debian Oval Importer | Fixing | VCID-9sva-628m-aaah | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T04:32:32.766963+00:00 | Debian Oval Importer | Affected by | VCID-324x-qevr-aaaq | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-07T17:03:15.221488+00:00 | Debian Oval Importer | Fixing | VCID-9sva-628m-aaah | None | 36.0.0 |
| 2025-04-07T16:29:53.010939+00:00 | Debian Oval Importer | Affected by | VCID-qdsf-s4m4-aaag | None | 36.0.0 |
| 2025-04-07T16:21:16.734981+00:00 | Debian Oval Importer | Affected by | VCID-a3zp-cm4d-aaah | None | 36.0.0 |
| 2025-04-07T15:54:14.704993+00:00 | Debian Oval Importer | Affected by | VCID-4pxy-6rjv-aaae | None | 36.0.0 |
| 2025-04-07T13:44:23.194142+00:00 | Debian Oval Importer | Affected by | VCID-324x-qevr-aaaq | None | 36.0.0 |
| 2025-04-07T13:04:04.787516+00:00 | Debian Oval Importer | Affected by | VCID-4p44-7jvz-aaad | None | 36.0.0 |
| 2025-03-07T02:02:16.068966+00:00 | Debian Oval Importer | Fixing | VCID-9sva-628m-aaah | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 35.1.0 |
| 2025-03-07T02:02:15.395590+00:00 | Debian Oval Importer | Fixing | VCID-9sva-628m-aaah | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 35.1.0 |
| 2025-03-07T01:44:40.853253+00:00 | Debian Oval Importer | Fixing | VCID-9sva-628m-aaah | None | 35.1.0 |
| 2024-11-27T19:42:21.357739+00:00 | Debian Oval Importer | Affected by | VCID-4p44-7jvz-aaad | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 35.0.0 |
| 2024-11-27T19:40:41.247149+00:00 | Debian Oval Importer | Affected by | VCID-qdsf-s4m4-aaag | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 35.0.0 |
| 2024-11-25T01:21:20.322692+00:00 | Debian Oval Importer | Fixing | VCID-9sva-628m-aaah | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 35.0.0 |
| 2024-10-13T12:10:21.717410+00:00 | Debian Oval Importer | Affected by | VCID-4p44-7jvz-aaad | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.2 |
| 2024-10-13T12:09:43.344736+00:00 | Debian Oval Importer | Affected by | VCID-qdsf-s4m4-aaag | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.2 |
| 2024-10-11T15:55:44.704189+00:00 | Debian Oval Importer | Fixing | VCID-9sva-628m-aaah | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.2 |
| 2024-09-20T23:12:43.846352+00:00 | Debian Oval Importer | Affected by | VCID-4p44-7jvz-aaad | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.1 |
| 2024-09-20T23:12:38.801053+00:00 | Debian Oval Importer | Affected by | VCID-qdsf-s4m4-aaag | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.1 |
| 2024-09-20T10:14:46.813215+00:00 | Debian Oval Importer | Fixing | VCID-9sva-628m-aaah | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.1 |
| 2024-06-11T23:43:15.734967+00:00 | Debian Oval Importer | Fixing | VCID-9sva-628m-aaah | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.0rc4 |
| 2024-06-11T23:43:14.949478+00:00 | Debian Oval Importer | Fixing | VCID-9sva-628m-aaah | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 34.0.0rc4 |
| 2024-06-11T23:21:37.737524+00:00 | Debian Oval Importer | Fixing | VCID-9sva-628m-aaah | None | 34.0.0rc4 |
| 2024-01-25T07:11:13.720107+00:00 | Debian Oval Importer | Fixing | VCID-9sva-628m-aaah | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.0rc2 |
| 2024-01-25T07:11:12.939545+00:00 | Debian Oval Importer | Fixing | VCID-9sva-628m-aaah | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 34.0.0rc2 |
| 2024-01-25T06:50:14.561587+00:00 | Debian Oval Importer | Fixing | VCID-9sva-628m-aaah | None | 34.0.0rc2 |