Search for packages
| purl | pkg:deb/debian/cabextract@1.4-5 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-324x-qevr-aaaq
Aliases: CVE-2015-2060 |
cabextract before 1.6 does not properly check for leading slashes when extracting files, which allows remote attackers to conduct absolute directory traversal attacks via a malformed UTF-8 character that is changed to a UTF-8 encoded slash. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-4pxy-6rjv-aaae | In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum block, leading to an out-of-bounds write. |
CVE-2018-18584
|
| VCID-a3zp-cm4d-aaah | Integer overflow in the qtmd_decompress function in libmspack 0.4 allows remote attackers to cause a denial of service (hang) via a crafted CAB file, which triggers an infinite loop. |
CVE-2014-9556
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-06-21T17:00:53.557709+00:00 | Debian Oval Importer | Fixing | VCID-4pxy-6rjv-aaae | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T16:37:03.771721+00:00 | Debian Oval Importer | Fixing | VCID-a3zp-cm4d-aaah | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T13:05:44.735059+00:00 | Debian Oval Importer | Affected by | VCID-324x-qevr-aaaq | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T00:22:15.064534+00:00 | Debian Oval Importer | Fixing | VCID-a3zp-cm4d-aaah | None | 36.1.3 |
| 2025-06-20T23:57:20.137644+00:00 | Debian Oval Importer | Fixing | VCID-4pxy-6rjv-aaae | None | 36.1.3 |
| 2025-06-20T21:49:33.356006+00:00 | Debian Oval Importer | Affected by | VCID-324x-qevr-aaaq | None | 36.1.3 |
| 2025-06-08T12:55:45.946568+00:00 | Debian Oval Importer | Fixing | VCID-a3zp-cm4d-aaah | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.0 |
| 2025-06-08T12:43:07.453237+00:00 | Debian Oval Importer | Fixing | VCID-4pxy-6rjv-aaae | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.0 |
| 2025-06-08T09:45:56.552976+00:00 | Debian Oval Importer | Fixing | VCID-4pxy-6rjv-aaae | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T09:22:39.990324+00:00 | Debian Oval Importer | Fixing | VCID-a3zp-cm4d-aaah | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T06:00:36.807673+00:00 | Debian Oval Importer | Affected by | VCID-324x-qevr-aaaq | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-07T17:45:04.240419+00:00 | Debian Oval Importer | Fixing | VCID-a3zp-cm4d-aaah | None | 36.1.0 |
| 2025-06-07T17:20:14.165388+00:00 | Debian Oval Importer | Fixing | VCID-4pxy-6rjv-aaae | None | 36.1.0 |
| 2025-06-07T15:12:41.032839+00:00 | Debian Oval Importer | Affected by | VCID-324x-qevr-aaaq | None | 36.1.0 |
| 2025-04-12T20:05:03.545799+00:00 | Debian Oval Importer | Affected by | VCID-324x-qevr-aaaq | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T18:43:00.526106+00:00 | Debian Oval Importer | Fixing | VCID-a3zp-cm4d-aaah | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T18:29:56.974655+00:00 | Debian Oval Importer | Fixing | VCID-4pxy-6rjv-aaae | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-08T08:18:15.055814+00:00 | Debian Oval Importer | Fixing | VCID-4pxy-6rjv-aaae | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T07:54:56.193880+00:00 | Debian Oval Importer | Fixing | VCID-a3zp-cm4d-aaah | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T04:32:32.793322+00:00 | Debian Oval Importer | Affected by | VCID-324x-qevr-aaaq | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-07T16:21:16.761982+00:00 | Debian Oval Importer | Fixing | VCID-a3zp-cm4d-aaah | None | 36.0.0 |
| 2025-04-07T15:54:14.732251+00:00 | Debian Oval Importer | Fixing | VCID-4pxy-6rjv-aaae | None | 36.0.0 |
| 2025-04-07T13:44:23.223616+00:00 | Debian Oval Importer | Affected by | VCID-324x-qevr-aaaq | None | 36.0.0 |