Search for packages
| purl | pkg:deb/debian/libzip@0.9.3-1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-1d1p-zrrg-aaab
Aliases: CVE-2011-0421 |
The _zip_name_locate function in zip_name_locate.c in the Zip extension in PHP before 5.3.6 does not properly handle a ZIPARCHIVE::FL_UNCHANGED argument, which might allow context-dependent attackers to cause a denial of service (NULL pointer dereference) via an empty ZIP archive that is processed with a (1) locateName or (2) statName operation. |
Affected by 2 other vulnerabilities. |
|
VCID-5ynh-zkyv-aaas
Aliases: CVE-2015-2331 |
Integer overflow in the _zip_cdir_new function in zip_dirent.c in libzip 0.11.2 and earlier, as used in the ZIP extension in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a ZIP archive that contains many entries, leading to a heap-based buffer overflow. |
Affected by 1 other vulnerability. |
|
VCID-85c3-h467-aaag
Aliases: CVE-2012-1162 |
Heap-based buffer overflow in the _zip_readcdir function in zip_open.c in libzip 0.10 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a zip archive with the number of directories set to 0, related to an "incorrect loop construct." |
Affected by 2 other vulnerabilities. |
|
VCID-t44w-s184-aaaa
Aliases: CVE-2012-1163 |
Integer overflow in the _zip_readcdir function in zip_open.c in libzip 0.10 allows remote attackers to execute arbitrary code via the size and offset values for the central directory in a zip archive, which triggers "improper restrictions of operations within the bounds of a memory buffer" and an information leak. |
Affected by 2 other vulnerabilities. |
|
VCID-yxe1-qn72-aaab
Aliases: CVE-2017-14107 |
The _zip_read_eocd64 function in zip_open.c in libzip before 1.3.0 mishandles EOCD records, which allows remote attackers to cause a denial of service (memory allocation failure in _zip_cdir_grow in zip_dirent.c) via a crafted ZIP archive. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-06-21T15:44:25.715284+00:00 | Debian Oval Importer | Affected by | VCID-5ynh-zkyv-aaas | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T15:14:53.588898+00:00 | Debian Oval Importer | Affected by | VCID-1d1p-zrrg-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T14:44:44.458729+00:00 | Debian Oval Importer | Affected by | VCID-yxe1-qn72-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T14:25:38.853103+00:00 | Debian Oval Importer | Affected by | VCID-85c3-h467-aaag | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T12:03:01.140705+00:00 | Debian Oval Importer | Affected by | VCID-t44w-s184-aaaa | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T00:53:20.398595+00:00 | Debian Oval Importer | Affected by | VCID-5ynh-zkyv-aaas | None | 36.1.3 |
| 2025-06-20T23:50:11.411702+00:00 | Debian Oval Importer | Affected by | VCID-yxe1-qn72-aaab | None | 36.1.3 |
| 2025-06-20T23:16:55.769591+00:00 | Debian Oval Importer | Affected by | VCID-t44w-s184-aaaa | None | 36.1.3 |
| 2025-06-20T21:50:18.033264+00:00 | Debian Oval Importer | Affected by | VCID-85c3-h467-aaag | None | 36.1.3 |
| 2025-06-20T21:16:35.678690+00:00 | Debian Oval Importer | Affected by | VCID-1d1p-zrrg-aaab | None | 36.1.3 |
| 2025-06-08T08:38:13.347550+00:00 | Debian Oval Importer | Affected by | VCID-5ynh-zkyv-aaas | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T08:08:41.889794+00:00 | Debian Oval Importer | Affected by | VCID-1d1p-zrrg-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T07:38:03.157107+00:00 | Debian Oval Importer | Affected by | VCID-yxe1-qn72-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T07:18:41.708633+00:00 | Debian Oval Importer | Affected by | VCID-85c3-h467-aaag | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T05:11:37.977429+00:00 | Debian Oval Importer | Affected by | VCID-t44w-s184-aaaa | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-07T18:15:41.844971+00:00 | Debian Oval Importer | Affected by | VCID-5ynh-zkyv-aaas | None | 36.1.0 |
| 2025-06-07T17:13:03.801115+00:00 | Debian Oval Importer | Affected by | VCID-yxe1-qn72-aaab | None | 36.1.0 |
| 2025-06-07T16:40:00.250886+00:00 | Debian Oval Importer | Affected by | VCID-t44w-s184-aaaa | None | 36.1.0 |
| 2025-06-07T15:13:29.074302+00:00 | Debian Oval Importer | Affected by | VCID-85c3-h467-aaag | None | 36.1.0 |
| 2025-06-07T14:40:46.628913+00:00 | Debian Oval Importer | Affected by | VCID-1d1p-zrrg-aaab | None | 36.1.0 |
| 2025-04-12T21:10:21.132254+00:00 | Debian Oval Importer | Affected by | VCID-t44w-s184-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T21:10:02.043443+00:00 | Debian Oval Importer | Affected by | VCID-1d1p-zrrg-aaab | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T20:14:27.929479+00:00 | Debian Oval Importer | Affected by | VCID-yxe1-qn72-aaab | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T19:14:29.177991+00:00 | Debian Oval Importer | Affected by | VCID-85c3-h467-aaag | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T19:09:17.493350+00:00 | Debian Oval Importer | Affected by | VCID-5ynh-zkyv-aaas | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-08T07:09:39.690947+00:00 | Debian Oval Importer | Affected by | VCID-5ynh-zkyv-aaas | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T06:40:41.606475+00:00 | Debian Oval Importer | Affected by | VCID-1d1p-zrrg-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T06:10:35.802139+00:00 | Debian Oval Importer | Affected by | VCID-yxe1-qn72-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T05:51:18.202537+00:00 | Debian Oval Importer | Affected by | VCID-85c3-h467-aaag | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T03:42:36.073756+00:00 | Debian Oval Importer | Affected by | VCID-t44w-s184-aaaa | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-07T16:53:10.152434+00:00 | Debian Oval Importer | Affected by | VCID-5ynh-zkyv-aaas | None | 36.0.0 |
| 2025-04-07T15:46:48.839766+00:00 | Debian Oval Importer | Affected by | VCID-yxe1-qn72-aaab | None | 36.0.0 |
| 2025-04-07T15:12:19.540614+00:00 | Debian Oval Importer | Affected by | VCID-t44w-s184-aaaa | None | 36.0.0 |
| 2025-04-07T13:45:08.531706+00:00 | Debian Oval Importer | Affected by | VCID-85c3-h467-aaag | None | 36.0.0 |
| 2025-04-07T13:12:47.260453+00:00 | Debian Oval Importer | Affected by | VCID-1d1p-zrrg-aaab | None | 36.0.0 |
| 2024-11-28T21:15:22.175292+00:00 | Debian Oval Importer | Affected by | VCID-t44w-s184-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 35.0.0 |
| 2024-11-28T21:14:19.355396+00:00 | Debian Oval Importer | Affected by | VCID-85c3-h467-aaag | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 35.0.0 |
| 2024-11-28T02:31:09.961461+00:00 | Debian Oval Importer | Affected by | VCID-1d1p-zrrg-aaab | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 35.0.0 |
| 2024-10-14T06:10:25.713099+00:00 | Debian Oval Importer | Affected by | VCID-t44w-s184-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.2 |
| 2024-10-14T06:09:02.314021+00:00 | Debian Oval Importer | Affected by | VCID-85c3-h467-aaag | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.2 |
| 2024-10-13T16:41:31.317984+00:00 | Debian Oval Importer | Affected by | VCID-1d1p-zrrg-aaab | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.2 |
| 2024-09-21T06:36:51.405394+00:00 | Debian Oval Importer | Affected by | VCID-t44w-s184-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.1 |
| 2024-09-21T06:36:05.569532+00:00 | Debian Oval Importer | Affected by | VCID-85c3-h467-aaag | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.1 |
| 2024-09-21T01:05:12.245516+00:00 | Debian Oval Importer | Affected by | VCID-1d1p-zrrg-aaab | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.1 |