Search for packages
Package details: pkg:deb/debian/gzip@1.3.12-6%2Blenny1
purl pkg:deb/debian/gzip@1.3.12-6%2Blenny1
Next non-vulnerable version 1.10-4+deb11u1
Latest non-vulnerable version 1.10-4+deb11u1
Risk 4.0
Vulnerabilities affecting this package (3)
Vulnerability Summary Fixed by
VCID-1jzu-evut-aaaj
Aliases:
CVE-2010-0001
Integer underflow in the unlzw function in unlzw.c in gzip before 1.4 on 64-bit platforms, as used in ncompress and probably others, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted archive that uses LZW compression, leading to an array index error.
1.3.12-9+squeeze1
Affected by 1 other vulnerability.
VCID-kzvy-qy9e-aaah
Aliases:
CVE-2009-2624
The huft_build function in inflate.c in gzip before 1.3.13 creates a hufts (aka huffman) table that is too small, which allows remote attackers to cause a denial of service (application crash or infinite loop) or possibly execute arbitrary code via a crafted archive. NOTE: this issue is caused by a CVE-2006-4334 regression.
1.3.12-9+squeeze1
Affected by 1 other vulnerability.
VCID-zgc5-nzyz-aaan
Aliases:
CVE-2022-1271
An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.
1.9-3+deb10u1
Affected by 1 other vulnerability.
1.10-4+deb11u1
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-21T15:01:39.110899+00:00 Debian Oval Importer Affected by VCID-1jzu-evut-aaaj https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T13:44:10.473175+00:00 Debian Oval Importer Affected by VCID-zgc5-nzyz-aaan https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T13:24:39.276588+00:00 Debian Oval Importer Affected by VCID-kzvy-qy9e-aaah https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-20T23:59:56.819934+00:00 Debian Oval Importer Affected by VCID-kzvy-qy9e-aaah None 36.1.3
2025-06-20T22:52:43.196531+00:00 Debian Oval Importer Affected by VCID-1jzu-evut-aaaj None 36.1.3
2025-06-20T20:32:33.954329+00:00 Debian Oval Importer Affected by VCID-zgc5-nzyz-aaan None 36.1.3
2025-06-08T11:51:24.563479+00:00 Debian Oval Importer Affected by VCID-1jzu-evut-aaaj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T07:55:02.029345+00:00 Debian Oval Importer Affected by VCID-1jzu-evut-aaaj https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T06:38:20.946351+00:00 Debian Oval Importer Affected by VCID-zgc5-nzyz-aaan https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T06:18:48.336695+00:00 Debian Oval Importer Affected by VCID-kzvy-qy9e-aaah https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-07T17:22:50.677084+00:00 Debian Oval Importer Affected by VCID-kzvy-qy9e-aaah None 36.1.0
2025-06-07T16:16:03.522008+00:00 Debian Oval Importer Affected by VCID-1jzu-evut-aaaj None 36.1.0
2025-06-07T14:05:41.266248+00:00 Debian Oval Importer Affected by VCID-zgc5-nzyz-aaan None 36.1.0
2025-04-12T21:51:51.876793+00:00 Debian Oval Importer Affected by VCID-zgc5-nzyz-aaan https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T19:44:12.514109+00:00 Debian Oval Importer Affected by VCID-kzvy-qy9e-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T17:36:25.779750+00:00 Debian Oval Importer Affected by VCID-1jzu-evut-aaaj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-08T06:27:27.641462+00:00 Debian Oval Importer Affected by VCID-1jzu-evut-aaaj https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T05:10:47.248281+00:00 Debian Oval Importer Affected by VCID-zgc5-nzyz-aaan https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T04:51:05.955596+00:00 Debian Oval Importer Affected by VCID-kzvy-qy9e-aaah https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-07T15:56:59.455112+00:00 Debian Oval Importer Affected by VCID-kzvy-qy9e-aaah None 36.0.0
2025-04-07T14:47:34.114068+00:00 Debian Oval Importer Affected by VCID-1jzu-evut-aaaj None 36.0.0
2025-04-07T12:39:30.632467+00:00 Debian Oval Importer Affected by VCID-zgc5-nzyz-aaan None 36.0.0
2024-11-27T13:04:34.129038+00:00 Debian Oval Importer Affected by VCID-1jzu-evut-aaaj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-11-27T05:50:43.434854+00:00 Debian Oval Importer Affected by VCID-kzvy-qy9e-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-10-13T07:33:56.464126+00:00 Debian Oval Importer Affected by VCID-1jzu-evut-aaaj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-10-13T02:32:23.719114+00:00 Debian Oval Importer Affected by VCID-kzvy-qy9e-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-09-20T21:21:58.640100+00:00 Debian Oval Importer Affected by VCID-1jzu-evut-aaaj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1
2024-09-20T19:33:49.536811+00:00 Debian Oval Importer Affected by VCID-kzvy-qy9e-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1