VulnerableCode Package Details - pkg:deb/debian/minizip@1.1-5~bpo70%2B1

Search for packages

Vulnerability	Summary	Fixed by
VCID-t9z5-qvz6-aaam Aliases: CVE-2023-45853 GHSA-mq29-j5xf-cjwr	MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product.	1.1-8+deb11u1 Affected by 0 other vulnerabilities.
VCID-yc3p-j2zc-aaaa Aliases: CVE-2014-9485	Directory traversal vulnerability in the do_extract_currentfile function in miniunz.c in miniunzip in minizip before 1.1-5 might allow remote attackers to write to arbitrary files via a crafted entry in a ZIP archive.	1.1-5 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 1.1-8 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-t9z5-qvz6-aaam
Aliases:
CVE-2023-45853
GHSA-mq29-j5xf-cjwr

MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product.

1.1-8+deb11u1
Affected by 0 other vulnerabilities.

VCID-yc3p-j2zc-aaaa
Aliases:
CVE-2014-9485

Directory traversal vulnerability in the do_extract_currentfile function in miniunz.c in miniunzip in minizip before 1.1-5 might allow remote attackers to write to arbitrary files via a crafted entry in a ZIP archive.

1.1-5
Affected by 2 other vulnerabilities.

1.1-8
Affected by 1 other vulnerability.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-06-21T15:08:55.515383+00:00	Debian Oval Importer	Affected by	VCID-yc3p-j2zc-aaaa	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	36.1.3
2025-06-21T12:02:37.464772+00:00	Debian Oval Importer	Affected by	VCID-t9z5-qvz6-aaam	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	36.1.3
2025-06-20T23:26:09.629394+00:00	Debian Oval Importer	Affected by	VCID-yc3p-j2zc-aaaa	None	36.1.3
2025-06-08T08:02:29.086298+00:00	Debian Oval Importer	Affected by	VCID-yc3p-j2zc-aaaa	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	36.1.0
2025-06-08T05:11:21.831802+00:00	Debian Oval Importer	Affected by	VCID-t9z5-qvz6-aaam	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	36.1.0
2025-06-07T16:49:03.209437+00:00	Debian Oval Importer	Affected by	VCID-yc3p-j2zc-aaaa	None	36.1.0
2025-04-12T22:58:33.154998+00:00	Debian Oval Importer	Affected by	VCID-t9z5-qvz6-aaam	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	36.0.0
2025-04-12T20:37:45.147609+00:00	Debian Oval Importer	Affected by	VCID-yc3p-j2zc-aaaa	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	36.0.0
2025-04-08T06:34:44.426733+00:00	Debian Oval Importer	Affected by	VCID-yc3p-j2zc-aaaa	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	36.0.0
2025-04-08T03:42:18.659768+00:00	Debian Oval Importer	Affected by	VCID-t9z5-qvz6-aaam	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	36.0.0
2025-04-07T15:21:46.832613+00:00	Debian Oval Importer	Affected by	VCID-yc3p-j2zc-aaaa	None	36.0.0