Search for packages
| purl | pkg:deb/debian/libzip@0.10.1-1.1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-5ynh-zkyv-aaas
Aliases: CVE-2015-2331 |
Integer overflow in the _zip_cdir_new function in zip_dirent.c in libzip 0.11.2 and earlier, as used in the ZIP extension in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a ZIP archive that contains many entries, leading to a heap-based buffer overflow. |
Affected by 1 other vulnerability. |
|
VCID-yxe1-qn72-aaab
Aliases: CVE-2017-14107 |
The _zip_read_eocd64 function in zip_open.c in libzip before 1.3.0 mishandles EOCD records, which allows remote attackers to cause a denial of service (memory allocation failure in _zip_cdir_grow in zip_dirent.c) via a crafted ZIP archive. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-1d1p-zrrg-aaab | The _zip_name_locate function in zip_name_locate.c in the Zip extension in PHP before 5.3.6 does not properly handle a ZIPARCHIVE::FL_UNCHANGED argument, which might allow context-dependent attackers to cause a denial of service (NULL pointer dereference) via an empty ZIP archive that is processed with a (1) locateName or (2) statName operation. |
CVE-2011-0421
|
| VCID-85c3-h467-aaag | Heap-based buffer overflow in the _zip_readcdir function in zip_open.c in libzip 0.10 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a zip archive with the number of directories set to 0, related to an "incorrect loop construct." |
CVE-2012-1162
|
| VCID-t44w-s184-aaaa | Integer overflow in the _zip_readcdir function in zip_open.c in libzip 0.10 allows remote attackers to execute arbitrary code via the size and offset values for the central directory in a zip archive, which triggers "improper restrictions of operations within the bounds of a memory buffer" and an information leak. |
CVE-2012-1163
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-06-21T15:44:25.717178+00:00 | Debian Oval Importer | Affected by | VCID-5ynh-zkyv-aaas | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T15:14:53.591053+00:00 | Debian Oval Importer | Fixing | VCID-1d1p-zrrg-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T14:44:44.460843+00:00 | Debian Oval Importer | Affected by | VCID-yxe1-qn72-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T14:25:38.856116+00:00 | Debian Oval Importer | Fixing | VCID-85c3-h467-aaag | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T12:03:01.147546+00:00 | Debian Oval Importer | Fixing | VCID-t44w-s184-aaaa | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T00:53:20.400529+00:00 | Debian Oval Importer | Affected by | VCID-5ynh-zkyv-aaas | None | 36.1.3 |
| 2025-06-20T23:50:11.413827+00:00 | Debian Oval Importer | Affected by | VCID-yxe1-qn72-aaab | None | 36.1.3 |
| 2025-06-20T23:16:55.771469+00:00 | Debian Oval Importer | Fixing | VCID-t44w-s184-aaaa | None | 36.1.3 |
| 2025-06-20T21:50:18.035174+00:00 | Debian Oval Importer | Fixing | VCID-85c3-h467-aaag | None | 36.1.3 |
| 2025-06-20T21:16:35.680961+00:00 | Debian Oval Importer | Fixing | VCID-1d1p-zrrg-aaab | None | 36.1.3 |
| 2025-06-08T08:38:13.349083+00:00 | Debian Oval Importer | Affected by | VCID-5ynh-zkyv-aaas | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T08:08:41.891352+00:00 | Debian Oval Importer | Fixing | VCID-1d1p-zrrg-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T07:38:03.158880+00:00 | Debian Oval Importer | Affected by | VCID-yxe1-qn72-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T07:18:41.710198+00:00 | Debian Oval Importer | Fixing | VCID-85c3-h467-aaag | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T05:11:37.979142+00:00 | Debian Oval Importer | Fixing | VCID-t44w-s184-aaaa | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-07T18:15:41.846497+00:00 | Debian Oval Importer | Affected by | VCID-5ynh-zkyv-aaas | None | 36.1.0 |
| 2025-06-07T17:13:03.802635+00:00 | Debian Oval Importer | Affected by | VCID-yxe1-qn72-aaab | None | 36.1.0 |
| 2025-06-07T16:40:00.252998+00:00 | Debian Oval Importer | Fixing | VCID-t44w-s184-aaaa | None | 36.1.0 |
| 2025-06-07T15:13:29.076080+00:00 | Debian Oval Importer | Fixing | VCID-85c3-h467-aaag | None | 36.1.0 |
| 2025-06-07T14:40:46.630693+00:00 | Debian Oval Importer | Fixing | VCID-1d1p-zrrg-aaab | None | 36.1.0 |
| 2025-04-12T21:10:21.137155+00:00 | Debian Oval Importer | Fixing | VCID-t44w-s184-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T21:10:02.048365+00:00 | Debian Oval Importer | Fixing | VCID-1d1p-zrrg-aaab | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T20:14:27.934661+00:00 | Debian Oval Importer | Affected by | VCID-yxe1-qn72-aaab | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T19:14:29.182707+00:00 | Debian Oval Importer | Fixing | VCID-85c3-h467-aaag | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T19:09:17.498137+00:00 | Debian Oval Importer | Affected by | VCID-5ynh-zkyv-aaas | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-08T07:09:39.695353+00:00 | Debian Oval Importer | Affected by | VCID-5ynh-zkyv-aaas | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T06:40:41.611393+00:00 | Debian Oval Importer | Fixing | VCID-1d1p-zrrg-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T06:10:35.807039+00:00 | Debian Oval Importer | Affected by | VCID-yxe1-qn72-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T05:51:18.207501+00:00 | Debian Oval Importer | Fixing | VCID-85c3-h467-aaag | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T03:42:36.078615+00:00 | Debian Oval Importer | Fixing | VCID-t44w-s184-aaaa | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-07T16:53:10.157861+00:00 | Debian Oval Importer | Affected by | VCID-5ynh-zkyv-aaas | None | 36.0.0 |
| 2025-04-07T15:46:48.845198+00:00 | Debian Oval Importer | Affected by | VCID-yxe1-qn72-aaab | None | 36.0.0 |
| 2025-04-07T15:12:19.545934+00:00 | Debian Oval Importer | Fixing | VCID-t44w-s184-aaaa | None | 36.0.0 |
| 2025-04-07T13:45:08.536601+00:00 | Debian Oval Importer | Fixing | VCID-85c3-h467-aaag | None | 36.0.0 |
| 2025-04-07T13:12:47.265343+00:00 | Debian Oval Importer | Fixing | VCID-1d1p-zrrg-aaab | None | 36.0.0 |
| 2024-11-28T21:15:22.180434+00:00 | Debian Oval Importer | Fixing | VCID-t44w-s184-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 35.0.0 |
| 2024-11-28T21:14:19.360541+00:00 | Debian Oval Importer | Fixing | VCID-85c3-h467-aaag | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 35.0.0 |
| 2024-11-28T02:31:09.967569+00:00 | Debian Oval Importer | Fixing | VCID-1d1p-zrrg-aaab | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 35.0.0 |
| 2024-10-14T06:10:25.717917+00:00 | Debian Oval Importer | Fixing | VCID-t44w-s184-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.2 |
| 2024-10-14T06:09:02.318803+00:00 | Debian Oval Importer | Fixing | VCID-85c3-h467-aaag | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.2 |
| 2024-10-13T16:41:31.322968+00:00 | Debian Oval Importer | Fixing | VCID-1d1p-zrrg-aaab | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.2 |
| 2024-09-21T06:36:51.410714+00:00 | Debian Oval Importer | Fixing | VCID-t44w-s184-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.1 |
| 2024-09-21T06:36:05.574712+00:00 | Debian Oval Importer | Fixing | VCID-85c3-h467-aaag | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.1 |
| 2024-09-21T01:05:12.252484+00:00 | Debian Oval Importer | Fixing | VCID-1d1p-zrrg-aaab | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.1 |