Search for packages
Package details: pkg:deb/debian/cabextract@0.2-2b
purl pkg:deb/debian/cabextract@0.2-2b
Next non-vulnerable version 1.6-1
Latest non-vulnerable version 1.6-1
Risk 3.1
Vulnerabilities affecting this package (6)
Vulnerability Summary Fixed by
VCID-324x-qevr-aaaq
Aliases:
CVE-2015-2060
cabextract before 1.6 does not properly check for leading slashes when extracting files, which allows remote attackers to conduct absolute directory traversal attacks via a malformed UTF-8 character that is changed to a UTF-8 encoded slash.
1.6-1
Affected by 0 other vulnerabilities.
VCID-4p44-7jvz-aaad
Aliases:
CVE-2010-2801
Integer signedness error in the Quantum decompressor in cabextract before 1.3, when archive test mode is used, allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Quantum archive in a .cab file, related to the libmspack library.
1.3-1
Affected by 3 other vulnerabilities.
VCID-4pxy-6rjv-aaae
Aliases:
CVE-2018-18584
In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum block, leading to an out-of-bounds write.
1.4-5
Affected by 1 other vulnerability.
VCID-9sva-628m-aaah
Aliases:
CVE-2004-0916
Directory traversal vulnerability in cabextract before 1.1 allows remote attackers to overwrite arbitrary files via a cabinet file containing .. (dot dot) sequences in a filename.
1.1-1
Affected by 5 other vulnerabilities.
VCID-a3zp-cm4d-aaah
Aliases:
CVE-2014-9556
Integer overflow in the qtmd_decompress function in libmspack 0.4 allows remote attackers to cause a denial of service (hang) via a crafted CAB file, which triggers an infinite loop.
1.4-5
Affected by 1 other vulnerability.
VCID-qdsf-s4m4-aaag
Aliases:
CVE-2010-2800
The MS-ZIP decompressor in cabextract before 1.3 allows remote attackers to cause a denial of service (infinite loop) via a malformed MSZIP archive in a .cab file during a (1) test or (2) extract action, related to the libmspack library.
1.3-1
Affected by 3 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-21T17:00:53.543297+00:00 Debian Oval Importer Affected by VCID-4pxy-6rjv-aaae https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T16:37:03.757682+00:00 Debian Oval Importer Affected by VCID-a3zp-cm4d-aaah https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T14:00:01.180658+00:00 Debian Oval Importer Affected by VCID-4p44-7jvz-aaad https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T13:59:50.578231+00:00 Debian Oval Importer Affected by VCID-qdsf-s4m4-aaag https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T13:10:21.558263+00:00 Debian Oval Importer Affected by VCID-9sva-628m-aaah https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T13:05:44.724672+00:00 Debian Oval Importer Affected by VCID-324x-qevr-aaaq https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T01:03:07.384033+00:00 Debian Oval Importer Affected by VCID-9sva-628m-aaah None 36.1.3
2025-06-21T00:30:29.254601+00:00 Debian Oval Importer Affected by VCID-qdsf-s4m4-aaag None 36.1.3
2025-06-21T00:22:15.051509+00:00 Debian Oval Importer Affected by VCID-a3zp-cm4d-aaah None 36.1.3
2025-06-20T23:57:20.124839+00:00 Debian Oval Importer Affected by VCID-4pxy-6rjv-aaae None 36.1.3
2025-06-20T21:49:33.342148+00:00 Debian Oval Importer Affected by VCID-324x-qevr-aaaq None 36.1.3
2025-06-20T21:06:00.474670+00:00 Debian Oval Importer Affected by VCID-4p44-7jvz-aaad None 36.1.3
2025-06-08T12:55:45.937178+00:00 Debian Oval Importer Affected by VCID-a3zp-cm4d-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T12:43:07.442625+00:00 Debian Oval Importer Affected by VCID-4pxy-6rjv-aaae https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T12:32:47.137305+00:00 Debian Oval Importer Affected by VCID-9sva-628m-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T09:45:56.541916+00:00 Debian Oval Importer Affected by VCID-4pxy-6rjv-aaae https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T09:22:39.980859+00:00 Debian Oval Importer Affected by VCID-a3zp-cm4d-aaah https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T06:54:09.050712+00:00 Debian Oval Importer Affected by VCID-4p44-7jvz-aaad https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T06:53:58.756508+00:00 Debian Oval Importer Affected by VCID-qdsf-s4m4-aaag https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T06:05:06.993786+00:00 Debian Oval Importer Affected by VCID-9sva-628m-aaah https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T06:00:36.798469+00:00 Debian Oval Importer Affected by VCID-324x-qevr-aaaq https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-07T18:25:38.626088+00:00 Debian Oval Importer Affected by VCID-9sva-628m-aaah None 36.1.0
2025-06-07T17:53:08.535721+00:00 Debian Oval Importer Affected by VCID-qdsf-s4m4-aaag None 36.1.0
2025-06-07T17:45:04.231098+00:00 Debian Oval Importer Affected by VCID-a3zp-cm4d-aaah None 36.1.0
2025-06-07T17:20:14.156035+00:00 Debian Oval Importer Affected by VCID-4pxy-6rjv-aaae None 36.1.0
2025-06-07T15:12:41.022033+00:00 Debian Oval Importer Affected by VCID-324x-qevr-aaaq None 36.1.0
2025-06-07T14:31:57.309940+00:00 Debian Oval Importer Affected by VCID-4p44-7jvz-aaad None 36.1.0
2025-04-12T20:58:32.599400+00:00 Debian Oval Importer Affected by VCID-4p44-7jvz-aaad https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T20:11:20.668920+00:00 Debian Oval Importer Affected by VCID-qdsf-s4m4-aaag https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T20:05:03.515150+00:00 Debian Oval Importer Affected by VCID-324x-qevr-aaaq https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T18:43:00.496261+00:00 Debian Oval Importer Affected by VCID-a3zp-cm4d-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T18:29:56.944822+00:00 Debian Oval Importer Affected by VCID-4pxy-6rjv-aaae https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T18:19:13.628915+00:00 Debian Oval Importer Affected by VCID-9sva-628m-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-08T08:18:15.026916+00:00 Debian Oval Importer Affected by VCID-4pxy-6rjv-aaae https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T07:54:56.164347+00:00 Debian Oval Importer Affected by VCID-a3zp-cm4d-aaah https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T05:26:37.839622+00:00 Debian Oval Importer Affected by VCID-4p44-7jvz-aaad https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T05:26:27.272579+00:00 Debian Oval Importer Affected by VCID-qdsf-s4m4-aaag https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T04:37:09.471669+00:00 Debian Oval Importer Affected by VCID-9sva-628m-aaah https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T04:32:32.762150+00:00 Debian Oval Importer Affected by VCID-324x-qevr-aaaq https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-07T17:03:15.216519+00:00 Debian Oval Importer Affected by VCID-9sva-628m-aaah None 36.0.0
2025-04-07T16:29:53.006560+00:00 Debian Oval Importer Affected by VCID-qdsf-s4m4-aaag None 36.0.0
2025-04-07T16:21:16.730195+00:00 Debian Oval Importer Affected by VCID-a3zp-cm4d-aaah None 36.0.0
2025-04-07T15:54:14.699556+00:00 Debian Oval Importer Affected by VCID-4pxy-6rjv-aaae None 36.0.0
2025-04-07T13:44:23.188384+00:00 Debian Oval Importer Affected by VCID-324x-qevr-aaaq None 36.0.0
2025-04-07T13:04:04.782591+00:00 Debian Oval Importer Affected by VCID-4p44-7jvz-aaad None 36.0.0
2025-03-07T02:02:16.063403+00:00 Debian Oval Importer Affected by VCID-9sva-628m-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.1.0
2025-03-07T02:02:15.390168+00:00 Debian Oval Importer Affected by VCID-9sva-628m-aaah https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 35.1.0
2025-03-07T01:44:40.848097+00:00 Debian Oval Importer Affected by VCID-9sva-628m-aaah None 35.1.0
2024-11-27T19:42:21.352748+00:00 Debian Oval Importer Affected by VCID-4p44-7jvz-aaad https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-11-27T19:40:41.241921+00:00 Debian Oval Importer Affected by VCID-qdsf-s4m4-aaag https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-11-25T01:21:20.316063+00:00 Debian Oval Importer Affected by VCID-9sva-628m-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-10-13T12:10:21.712880+00:00 Debian Oval Importer Affected by VCID-4p44-7jvz-aaad https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-10-13T12:09:43.339777+00:00 Debian Oval Importer Affected by VCID-qdsf-s4m4-aaag https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-10-11T15:55:44.699436+00:00 Debian Oval Importer Affected by VCID-9sva-628m-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-09-20T23:12:43.840938+00:00 Debian Oval Importer Affected by VCID-4p44-7jvz-aaad https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1
2024-09-20T23:12:38.795499+00:00 Debian Oval Importer Affected by VCID-qdsf-s4m4-aaag https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1
2024-09-20T10:14:46.807674+00:00 Debian Oval Importer Affected by VCID-9sva-628m-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1
2024-06-11T23:43:15.730177+00:00 Debian Oval Importer Affected by VCID-9sva-628m-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.0rc4
2024-06-11T23:43:14.945221+00:00 Debian Oval Importer Affected by VCID-9sva-628m-aaah https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 34.0.0rc4
2024-06-11T23:21:37.732599+00:00 Debian Oval Importer Affected by VCID-9sva-628m-aaah None 34.0.0rc4
2024-01-25T07:11:13.715915+00:00 Debian Oval Importer Affected by VCID-9sva-628m-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.0rc2
2024-01-25T07:11:12.935244+00:00 Debian Oval Importer Affected by VCID-9sva-628m-aaah https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 34.0.0rc2
2024-01-25T06:50:14.556857+00:00 Debian Oval Importer Affected by VCID-9sva-628m-aaah None 34.0.0rc2