Search for packages
| purl | pkg:deb/debian/libzip@0.8-1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-1d1p-zrrg-aaab
Aliases: CVE-2011-0421 |
The _zip_name_locate function in zip_name_locate.c in the Zip extension in PHP before 5.3.6 does not properly handle a ZIPARCHIVE::FL_UNCHANGED argument, which might allow context-dependent attackers to cause a denial of service (NULL pointer dereference) via an empty ZIP archive that is processed with a (1) locateName or (2) statName operation. |
Affected by 2 other vulnerabilities. |
|
VCID-5ynh-zkyv-aaas
Aliases: CVE-2015-2331 |
Integer overflow in the _zip_cdir_new function in zip_dirent.c in libzip 0.11.2 and earlier, as used in the ZIP extension in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a ZIP archive that contains many entries, leading to a heap-based buffer overflow. |
Affected by 1 other vulnerability. |
|
VCID-85c3-h467-aaag
Aliases: CVE-2012-1162 |
Heap-based buffer overflow in the _zip_readcdir function in zip_open.c in libzip 0.10 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a zip archive with the number of directories set to 0, related to an "incorrect loop construct." |
Affected by 2 other vulnerabilities. |
|
VCID-t44w-s184-aaaa
Aliases: CVE-2012-1163 |
Integer overflow in the _zip_readcdir function in zip_open.c in libzip 0.10 allows remote attackers to execute arbitrary code via the size and offset values for the central directory in a zip archive, which triggers "improper restrictions of operations within the bounds of a memory buffer" and an information leak. |
Affected by 2 other vulnerabilities. |
|
VCID-yxe1-qn72-aaab
Aliases: CVE-2017-14107 |
The _zip_read_eocd64 function in zip_open.c in libzip before 1.3.0 mishandles EOCD records, which allows remote attackers to cause a denial of service (memory allocation failure in _zip_cdir_grow in zip_dirent.c) via a crafted ZIP archive. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-06-21T15:44:25.713170+00:00 | Debian Oval Importer | Affected by | VCID-5ynh-zkyv-aaas | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T15:14:53.586971+00:00 | Debian Oval Importer | Affected by | VCID-1d1p-zrrg-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T14:44:44.456508+00:00 | Debian Oval Importer | Affected by | VCID-yxe1-qn72-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T14:25:38.850327+00:00 | Debian Oval Importer | Affected by | VCID-85c3-h467-aaag | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T12:03:01.138588+00:00 | Debian Oval Importer | Affected by | VCID-t44w-s184-aaaa | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T00:53:20.396564+00:00 | Debian Oval Importer | Affected by | VCID-5ynh-zkyv-aaas | None | 36.1.3 |
| 2025-06-20T23:50:11.409495+00:00 | Debian Oval Importer | Affected by | VCID-yxe1-qn72-aaab | None | 36.1.3 |
| 2025-06-20T23:16:55.767530+00:00 | Debian Oval Importer | Affected by | VCID-t44w-s184-aaaa | None | 36.1.3 |
| 2025-06-20T21:50:18.031258+00:00 | Debian Oval Importer | Affected by | VCID-85c3-h467-aaag | None | 36.1.3 |
| 2025-06-20T21:16:35.676777+00:00 | Debian Oval Importer | Affected by | VCID-1d1p-zrrg-aaab | None | 36.1.3 |
| 2025-06-08T08:38:13.345864+00:00 | Debian Oval Importer | Affected by | VCID-5ynh-zkyv-aaas | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T08:08:41.888117+00:00 | Debian Oval Importer | Affected by | VCID-1d1p-zrrg-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T07:38:03.155169+00:00 | Debian Oval Importer | Affected by | VCID-yxe1-qn72-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T07:18:41.706939+00:00 | Debian Oval Importer | Affected by | VCID-85c3-h467-aaag | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T05:11:37.975768+00:00 | Debian Oval Importer | Affected by | VCID-t44w-s184-aaaa | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-07T18:15:41.843287+00:00 | Debian Oval Importer | Affected by | VCID-5ynh-zkyv-aaas | None | 36.1.0 |
| 2025-06-07T17:13:03.799472+00:00 | Debian Oval Importer | Affected by | VCID-yxe1-qn72-aaab | None | 36.1.0 |
| 2025-06-07T16:40:00.249036+00:00 | Debian Oval Importer | Affected by | VCID-t44w-s184-aaaa | None | 36.1.0 |
| 2025-06-07T15:13:29.072465+00:00 | Debian Oval Importer | Affected by | VCID-85c3-h467-aaag | None | 36.1.0 |
| 2025-06-07T14:40:46.626995+00:00 | Debian Oval Importer | Affected by | VCID-1d1p-zrrg-aaab | None | 36.1.0 |
| 2025-04-12T21:10:21.126989+00:00 | Debian Oval Importer | Affected by | VCID-t44w-s184-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T21:10:02.038568+00:00 | Debian Oval Importer | Affected by | VCID-1d1p-zrrg-aaab | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T20:14:27.924166+00:00 | Debian Oval Importer | Affected by | VCID-yxe1-qn72-aaab | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T19:14:29.173478+00:00 | Debian Oval Importer | Affected by | VCID-85c3-h467-aaag | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T19:09:17.488582+00:00 | Debian Oval Importer | Affected by | VCID-5ynh-zkyv-aaas | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-08T07:09:39.686658+00:00 | Debian Oval Importer | Affected by | VCID-5ynh-zkyv-aaas | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T06:40:41.602165+00:00 | Debian Oval Importer | Affected by | VCID-1d1p-zrrg-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T06:10:35.796990+00:00 | Debian Oval Importer | Affected by | VCID-yxe1-qn72-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T05:51:18.197323+00:00 | Debian Oval Importer | Affected by | VCID-85c3-h467-aaag | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T03:42:36.069108+00:00 | Debian Oval Importer | Affected by | VCID-t44w-s184-aaaa | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-07T16:53:10.147007+00:00 | Debian Oval Importer | Affected by | VCID-5ynh-zkyv-aaas | None | 36.0.0 |
| 2025-04-07T15:46:48.833883+00:00 | Debian Oval Importer | Affected by | VCID-yxe1-qn72-aaab | None | 36.0.0 |
| 2025-04-07T15:12:19.535726+00:00 | Debian Oval Importer | Affected by | VCID-t44w-s184-aaaa | None | 36.0.0 |
| 2025-04-07T13:45:08.526847+00:00 | Debian Oval Importer | Affected by | VCID-85c3-h467-aaag | None | 36.0.0 |
| 2025-04-07T13:12:47.255527+00:00 | Debian Oval Importer | Affected by | VCID-1d1p-zrrg-aaab | None | 36.0.0 |
| 2024-11-28T21:15:22.170135+00:00 | Debian Oval Importer | Affected by | VCID-t44w-s184-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 35.0.0 |
| 2024-11-28T21:14:19.350346+00:00 | Debian Oval Importer | Affected by | VCID-85c3-h467-aaag | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 35.0.0 |
| 2024-11-28T02:31:09.956346+00:00 | Debian Oval Importer | Affected by | VCID-1d1p-zrrg-aaab | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 35.0.0 |
| 2024-10-14T06:10:25.708148+00:00 | Debian Oval Importer | Affected by | VCID-t44w-s184-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.2 |
| 2024-10-14T06:09:02.308370+00:00 | Debian Oval Importer | Affected by | VCID-85c3-h467-aaag | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.2 |
| 2024-10-13T16:41:31.313084+00:00 | Debian Oval Importer | Affected by | VCID-1d1p-zrrg-aaab | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.2 |
| 2024-09-21T06:36:51.399950+00:00 | Debian Oval Importer | Affected by | VCID-t44w-s184-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.1 |
| 2024-09-21T06:36:05.564168+00:00 | Debian Oval Importer | Affected by | VCID-85c3-h467-aaag | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.1 |
| 2024-09-21T01:05:12.239224+00:00 | Debian Oval Importer | Affected by | VCID-1d1p-zrrg-aaab | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.1 |