Search for packages
| purl | pkg:deb/debian/gzip@1.3.5-10sarge2 |
| Next non-vulnerable version | 1.10-4+deb11u1 |
| Latest non-vulnerable version | 1.10-4+deb11u1 |
| Risk | 4.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-1yf3-td2x-xffn
Aliases: CVE-2009-2624 |
This GLSA contains notification of vulnerabilities found in several Gentoo packages which have been fixed prior to January 1, 2011. The worst of these vulnerabilities could lead to local privilege escalation and remote code execution. Please see the package list and CVE identifiers below for more information. |
Affected by 1 other vulnerability. |
|
VCID-3adf-qttu-3kfd
Aliases: CVE-2022-1271 |
A vulnerability has been discovered in GNU Gzip and XZ Utils' grep helpers which could result in writes to arbitrary files. |
Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. |
|
VCID-73ee-qa4t-gqd7
Aliases: CVE-2006-4334 |
gzip is affected by multiple vulnerabilities, including buffer overflows and infinite loops, possibly allowing the execution of arbitrary code. |
Affected by 3 other vulnerabilities. |
|
VCID-ensg-v8ut-4kh9
Aliases: CVE-2006-4337 |
gzip is affected by multiple vulnerabilities, including buffer overflows and infinite loops, possibly allowing the execution of arbitrary code. |
Affected by 3 other vulnerabilities. |
|
VCID-px24-9c2r-73cn
Aliases: CVE-2006-4338 |
gzip is affected by multiple vulnerabilities, including buffer overflows and infinite loops, possibly allowing the execution of arbitrary code. |
Affected by 3 other vulnerabilities. |
|
VCID-vm8g-v83d-mbfm
Aliases: CVE-2010-0001 |
This GLSA contains notification of vulnerabilities found in several Gentoo packages which have been fixed prior to January 1, 2011. The worst of these vulnerabilities could lead to local privilege escalation and remote code execution. Please see the package list and CVE identifiers below for more information. |
Affected by 1 other vulnerability. |
|
VCID-z31n-qyzz-rfhy
Aliases: CVE-2006-4336 |
gzip is affected by multiple vulnerabilities, including buffer overflows and infinite loops, possibly allowing the execution of arbitrary code. |
Affected by 3 other vulnerabilities. |
|
VCID-z6cd-db4j-2uey
Aliases: CVE-2006-4335 |
gzip is affected by multiple vulnerabilities, including buffer overflows and infinite loops, possibly allowing the execution of arbitrary code. |
Affected by 3 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-1q5k-8ctf-hff7 | gzexe in the gzip package on Red Hat Linux 5.0 and earlier allows local users to overwrite files of other users via a symlink attack on a temporary file. |
CVE-1999-1332
|
| VCID-ggpy-kzh6-dkbh | security flaw |
CVE-2005-1228
|
| VCID-hn43-p68p-g3d7 | The (1) gzexe, (2) zdiff, and (3) znew scripts in the gzip package, as used by other packages such as ncompress, allows local users to overwrite files via a symlink attack on temporary files. NOTE: the znew vulnerability may overlap CVE-2003-0367. |
CVE-2004-0970
|
| VCID-uf6e-fsw6-bbbv | security flaw |
CVE-2005-0758
|
| VCID-vj3y-4hqq-xybm | security flaw |
CVE-2005-0988
|
| VCID-w9ut-ky8t-sqar | gzip: symlink attack on temporary files leads to arbitrary file overwrite |
CVE-2003-0367
|