Search for packages
Package details: pkg:deb/debian/gzip@1.3.5-15%2Betch1
purl pkg:deb/debian/gzip@1.3.5-15%2Betch1
Next non-vulnerable version 1.10-4+deb11u1
Latest non-vulnerable version 1.10-4+deb11u1
Risk 4.0
Vulnerabilities affecting this package (3)
Vulnerability Summary Fixed by
VCID-1jzu-evut-aaaj
Aliases:
CVE-2010-0001
Integer underflow in the unlzw function in unlzw.c in gzip before 1.4 on 64-bit platforms, as used in ncompress and probably others, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted archive that uses LZW compression, leading to an array index error.
1.3.12-9+squeeze1
Affected by 1 other vulnerability.
VCID-kzvy-qy9e-aaah
Aliases:
CVE-2009-2624
The huft_build function in inflate.c in gzip before 1.3.13 creates a hufts (aka huffman) table that is too small, which allows remote attackers to cause a denial of service (application crash or infinite loop) or possibly execute arbitrary code via a crafted archive. NOTE: this issue is caused by a CVE-2006-4334 regression.
1.3.12-9+squeeze1
Affected by 1 other vulnerability.
VCID-zgc5-nzyz-aaan
Aliases:
CVE-2022-1271
An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.
1.9-3+deb10u1
Affected by 1 other vulnerability.
1.10-4+deb11u1
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-21T15:01:39.109200+00:00 Debian Oval Importer Affected by VCID-1jzu-evut-aaaj https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T13:44:10.470791+00:00 Debian Oval Importer Affected by VCID-zgc5-nzyz-aaan https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T13:24:39.274016+00:00 Debian Oval Importer Affected by VCID-kzvy-qy9e-aaah https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-20T23:59:56.817796+00:00 Debian Oval Importer Affected by VCID-kzvy-qy9e-aaah None 36.1.3
2025-06-20T22:52:43.194762+00:00 Debian Oval Importer Affected by VCID-1jzu-evut-aaaj None 36.1.3
2025-06-20T20:32:33.952748+00:00 Debian Oval Importer Affected by VCID-zgc5-nzyz-aaan None 36.1.3
2025-06-08T11:51:24.561968+00:00 Debian Oval Importer Affected by VCID-1jzu-evut-aaaj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T07:55:02.027801+00:00 Debian Oval Importer Affected by VCID-1jzu-evut-aaaj https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T06:38:20.944833+00:00 Debian Oval Importer Affected by VCID-zgc5-nzyz-aaan https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T06:18:48.335193+00:00 Debian Oval Importer Affected by VCID-kzvy-qy9e-aaah https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-07T17:22:50.675303+00:00 Debian Oval Importer Affected by VCID-kzvy-qy9e-aaah None 36.1.0
2025-06-07T16:16:03.520202+00:00 Debian Oval Importer Affected by VCID-1jzu-evut-aaaj None 36.1.0
2025-06-07T14:05:41.264725+00:00 Debian Oval Importer Affected by VCID-zgc5-nzyz-aaan None 36.1.0
2025-04-12T21:51:51.871451+00:00 Debian Oval Importer Affected by VCID-zgc5-nzyz-aaan https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T19:44:12.509267+00:00 Debian Oval Importer Affected by VCID-kzvy-qy9e-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T17:36:25.774791+00:00 Debian Oval Importer Affected by VCID-1jzu-evut-aaaj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-08T06:27:27.636421+00:00 Debian Oval Importer Affected by VCID-1jzu-evut-aaaj https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T05:10:47.243210+00:00 Debian Oval Importer Affected by VCID-zgc5-nzyz-aaan https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T04:51:05.950578+00:00 Debian Oval Importer Affected by VCID-kzvy-qy9e-aaah https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-07T15:56:59.450024+00:00 Debian Oval Importer Affected by VCID-kzvy-qy9e-aaah None 36.0.0
2025-04-07T14:47:34.108956+00:00 Debian Oval Importer Affected by VCID-1jzu-evut-aaaj None 36.0.0
2025-04-07T12:39:30.627113+00:00 Debian Oval Importer Affected by VCID-zgc5-nzyz-aaan None 36.0.0
2024-11-27T13:04:34.124320+00:00 Debian Oval Importer Affected by VCID-1jzu-evut-aaaj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-11-27T05:50:43.429898+00:00 Debian Oval Importer Affected by VCID-kzvy-qy9e-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-10-13T07:33:56.459264+00:00 Debian Oval Importer Affected by VCID-1jzu-evut-aaaj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-10-13T02:32:23.714176+00:00 Debian Oval Importer Affected by VCID-kzvy-qy9e-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-09-20T21:21:58.634925+00:00 Debian Oval Importer Affected by VCID-1jzu-evut-aaaj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1
2024-09-20T19:33:49.530274+00:00 Debian Oval Importer Affected by VCID-kzvy-qy9e-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1