Search for packages
Package details: pkg:deb/debian/gzip@1.3.5-15
purl pkg:deb/debian/gzip@1.3.5-15
Next non-vulnerable version 1.10-4+deb11u1
Latest non-vulnerable version 1.10-4+deb11u1
Risk 4.0
Vulnerabilities affecting this package (3)
Vulnerability Summary Fixed by
VCID-1jzu-evut-aaaj
Aliases:
CVE-2010-0001
Integer underflow in the unlzw function in unlzw.c in gzip before 1.4 on 64-bit platforms, as used in ncompress and probably others, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted archive that uses LZW compression, leading to an array index error.
1.3.12-9+squeeze1
Affected by 1 other vulnerability.
VCID-kzvy-qy9e-aaah
Aliases:
CVE-2009-2624
The huft_build function in inflate.c in gzip before 1.3.13 creates a hufts (aka huffman) table that is too small, which allows remote attackers to cause a denial of service (application crash or infinite loop) or possibly execute arbitrary code via a crafted archive. NOTE: this issue is caused by a CVE-2006-4334 regression.
1.3.12-9+squeeze1
Affected by 1 other vulnerability.
VCID-zgc5-nzyz-aaan
Aliases:
CVE-2022-1271
An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.
1.9-3+deb10u1
Affected by 1 other vulnerability.
1.10-4+deb11u1
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (5)
Vulnerability Summary Aliases
VCID-2zcv-cwfh-aaam Unspecified vulnerability in gzip 1.3.5 allows context-dependent attackers to cause a denial of service (crash) via a crafted GZIP (gz) archive, which results in a NULL dereference. CVE-2006-4334
VCID-4xbk-nrh8-aaae Array index error in the make_table function in unlzh.c in the LZH decompression component in gzip 1.3.5, when running on certain platforms, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted GZIP archive that triggers an out-of-bounds write, aka a "stack modification vulnerability." CVE-2006-4335
VCID-gka1-9yen-aaac unlzh.c in the LHZ component in gzip 1.3.5 allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted GZIP archive. CVE-2006-4338
VCID-s7gt-7ycd-aaae Buffer underflow in the build_tree function in unpack.c in gzip 1.3.5 allows context-dependent attackers to execute arbitrary code via a crafted leaf count table that causes a write to a negative index. CVE-2006-4336
VCID-v6sp-df63-aaah Buffer overflow in the make_table function in the LHZ component in gzip 1.3.5 allows context-dependent attackers to execute arbitrary code via a crafted decoding table in a GZIP archive. CVE-2006-4337

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-21T17:20:57.402171+00:00 Debian Oval Importer Fixing VCID-4xbk-nrh8-aaae https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T17:18:45.695929+00:00 Debian Oval Importer Fixing VCID-s7gt-7ycd-aaae https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T16:45:22.916067+00:00 Debian Oval Importer Fixing VCID-gka1-9yen-aaac https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T15:01:39.107461+00:00 Debian Oval Importer Affected by VCID-1jzu-evut-aaaj https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T14:40:35.473233+00:00 Debian Oval Importer Fixing VCID-v6sp-df63-aaah https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T14:10:23.928443+00:00 Debian Oval Importer Fixing VCID-2zcv-cwfh-aaam https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T13:44:10.468314+00:00 Debian Oval Importer Affected by VCID-zgc5-nzyz-aaan https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T13:24:39.271451+00:00 Debian Oval Importer Affected by VCID-kzvy-qy9e-aaah https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T00:24:08.685019+00:00 Debian Oval Importer Fixing VCID-gka1-9yen-aaac None 36.1.3
2025-06-20T23:59:56.815825+00:00 Debian Oval Importer Affected by VCID-kzvy-qy9e-aaah None 36.1.3
2025-06-20T23:38:44.646664+00:00 Debian Oval Importer Fixing VCID-4xbk-nrh8-aaae None 36.1.3
2025-06-20T23:12:46.365160+00:00 Debian Oval Importer Fixing VCID-s7gt-7ycd-aaae None 36.1.3
2025-06-20T22:52:43.192978+00:00 Debian Oval Importer Affected by VCID-1jzu-evut-aaaj None 36.1.3
2025-06-20T21:55:48.513625+00:00 Debian Oval Importer Fixing VCID-2zcv-cwfh-aaam None 36.1.3
2025-06-20T21:30:21.777725+00:00 Debian Oval Importer Fixing VCID-v6sp-df63-aaah None 36.1.3
2025-06-20T20:32:33.950778+00:00 Debian Oval Importer Affected by VCID-zgc5-nzyz-aaan None 36.1.3
2025-06-08T12:05:35.328600+00:00 Debian Oval Importer Fixing VCID-2zcv-cwfh-aaam https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T11:51:24.560422+00:00 Debian Oval Importer Affected by VCID-1jzu-evut-aaaj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T10:01:59.372346+00:00 Debian Oval Importer Fixing VCID-4xbk-nrh8-aaae https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T09:59:51.648784+00:00 Debian Oval Importer Fixing VCID-s7gt-7ycd-aaae https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T09:30:37.330136+00:00 Debian Oval Importer Fixing VCID-gka1-9yen-aaac https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T07:55:02.026283+00:00 Debian Oval Importer Affected by VCID-1jzu-evut-aaaj https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T07:33:47.846095+00:00 Debian Oval Importer Fixing VCID-v6sp-df63-aaah https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T07:03:42.267125+00:00 Debian Oval Importer Fixing VCID-2zcv-cwfh-aaam https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T06:38:20.943319+00:00 Debian Oval Importer Affected by VCID-zgc5-nzyz-aaan https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T06:18:48.333684+00:00 Debian Oval Importer Affected by VCID-kzvy-qy9e-aaah https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-07T17:46:56.630568+00:00 Debian Oval Importer Fixing VCID-gka1-9yen-aaac None 36.1.0
2025-06-07T17:22:50.673496+00:00 Debian Oval Importer Affected by VCID-kzvy-qy9e-aaah None 36.1.0
2025-06-07T17:01:40.914200+00:00 Debian Oval Importer Fixing VCID-4xbk-nrh8-aaae None 36.1.0
2025-06-07T16:35:53.088536+00:00 Debian Oval Importer Fixing VCID-s7gt-7ycd-aaae None 36.1.0
2025-06-07T16:16:03.518418+00:00 Debian Oval Importer Affected by VCID-1jzu-evut-aaaj None 36.1.0
2025-06-07T15:19:07.750340+00:00 Debian Oval Importer Fixing VCID-2zcv-cwfh-aaam None 36.1.0
2025-06-07T14:52:46.416675+00:00 Debian Oval Importer Fixing VCID-v6sp-df63-aaah None 36.1.0
2025-06-07T14:05:41.262971+00:00 Debian Oval Importer Affected by VCID-zgc5-nzyz-aaan None 36.1.0
2025-04-12T22:33:50.254215+00:00 Debian Oval Importer Fixing VCID-gka1-9yen-aaac https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T21:51:51.864183+00:00 Debian Oval Importer Affected by VCID-zgc5-nzyz-aaan https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T21:39:06.444508+00:00 Debian Oval Importer Fixing VCID-s7gt-7ycd-aaae https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T20:47:37.418842+00:00 Debian Oval Importer Fixing VCID-4xbk-nrh8-aaae https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T20:02:27.468023+00:00 Debian Oval Importer Fixing VCID-v6sp-df63-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T19:44:12.504276+00:00 Debian Oval Importer Affected by VCID-kzvy-qy9e-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T17:51:02.906267+00:00 Debian Oval Importer Fixing VCID-2zcv-cwfh-aaam https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T17:36:25.769890+00:00 Debian Oval Importer Affected by VCID-1jzu-evut-aaaj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-08T08:34:16.336462+00:00 Debian Oval Importer Fixing VCID-4xbk-nrh8-aaae https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T08:32:08.765605+00:00 Debian Oval Importer Fixing VCID-s7gt-7ycd-aaae https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T08:03:03.042911+00:00 Debian Oval Importer Fixing VCID-gka1-9yen-aaac https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T06:27:27.631579+00:00 Debian Oval Importer Affected by VCID-1jzu-evut-aaaj https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T06:06:31.078130+00:00 Debian Oval Importer Fixing VCID-v6sp-df63-aaah https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T05:36:25.878244+00:00 Debian Oval Importer Fixing VCID-2zcv-cwfh-aaam https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T05:10:47.238174+00:00 Debian Oval Importer Affected by VCID-zgc5-nzyz-aaan https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T04:51:05.945676+00:00 Debian Oval Importer Affected by VCID-kzvy-qy9e-aaah https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-07T16:23:22.117587+00:00 Debian Oval Importer Fixing VCID-gka1-9yen-aaac None 36.0.0
2025-04-07T15:56:59.445206+00:00 Debian Oval Importer Affected by VCID-kzvy-qy9e-aaah None 36.0.0
2025-04-07T15:34:55.494039+00:00 Debian Oval Importer Fixing VCID-4xbk-nrh8-aaae None 36.0.0
2025-04-07T15:08:03.742661+00:00 Debian Oval Importer Fixing VCID-s7gt-7ycd-aaae None 36.0.0
2025-04-07T14:47:34.104112+00:00 Debian Oval Importer Affected by VCID-1jzu-evut-aaaj None 36.0.0
2025-04-07T13:50:37.805088+00:00 Debian Oval Importer Fixing VCID-2zcv-cwfh-aaam None 36.0.0
2025-04-07T13:24:47.717993+00:00 Debian Oval Importer Fixing VCID-v6sp-df63-aaah None 36.0.0
2025-04-07T12:39:30.621739+00:00 Debian Oval Importer Affected by VCID-zgc5-nzyz-aaan None 36.0.0
2024-11-27T13:04:34.119329+00:00 Debian Oval Importer Affected by VCID-1jzu-evut-aaaj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-11-27T05:50:43.425102+00:00 Debian Oval Importer Affected by VCID-kzvy-qy9e-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-11-25T20:00:13.208700+00:00 Debian Oval Importer Fixing VCID-gka1-9yen-aaac https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-11-25T19:58:54.863357+00:00 Debian Oval Importer Fixing VCID-v6sp-df63-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-11-25T19:57:37.695249+00:00 Debian Oval Importer Fixing VCID-s7gt-7ycd-aaae https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-11-25T19:56:32.824748+00:00 Debian Oval Importer Fixing VCID-4xbk-nrh8-aaae https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-11-25T19:55:14.855195+00:00 Debian Oval Importer Fixing VCID-2zcv-cwfh-aaam https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-10-13T07:33:56.454352+00:00 Debian Oval Importer Affected by VCID-1jzu-evut-aaaj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-10-13T02:32:23.709449+00:00 Debian Oval Importer Affected by VCID-kzvy-qy9e-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-10-12T04:07:28.928361+00:00 Debian Oval Importer Fixing VCID-gka1-9yen-aaac https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-10-12T04:06:35.011649+00:00 Debian Oval Importer Fixing VCID-v6sp-df63-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-10-12T04:05:43.595358+00:00 Debian Oval Importer Fixing VCID-s7gt-7ycd-aaae https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-10-12T04:05:03.441229+00:00 Debian Oval Importer Fixing VCID-4xbk-nrh8-aaae https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-10-12T04:04:11.080559+00:00 Debian Oval Importer Fixing VCID-2zcv-cwfh-aaam https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-09-20T21:21:58.629725+00:00 Debian Oval Importer Affected by VCID-1jzu-evut-aaaj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1
2024-09-20T19:33:49.522766+00:00 Debian Oval Importer Affected by VCID-kzvy-qy9e-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1
2024-09-20T12:37:24.474545+00:00 Debian Oval Importer Fixing VCID-gka1-9yen-aaac https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1
2024-09-20T12:37:07.999078+00:00 Debian Oval Importer Fixing VCID-v6sp-df63-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1
2024-09-20T12:36:51.708762+00:00 Debian Oval Importer Fixing VCID-s7gt-7ycd-aaae https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1
2024-09-20T12:36:47.327259+00:00 Debian Oval Importer Fixing VCID-4xbk-nrh8-aaae https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1
2024-09-20T12:36:30.939469+00:00 Debian Oval Importer Fixing VCID-2zcv-cwfh-aaam https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1