Unzip Project Unzip - for Go

CPE Details

Unzip Project Unzip - for Go
unzip_project
unzip
-
2023-10-25
10h45 +00:00
2023-10-25
10h45 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:unzip_project:unzip:-:*:*:*:*:go:*:*

Informations

Vendor

unzip_project

Product

unzip

Version

-

Target Software

go

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2020-36561 2022-12-27
21h13 +00:00		 Due to improper path sanitization, archives containing relative file paths can cause files to be written (or overwritten) outside of the target directory.
9.1
Critical
CVE-2014-8141 2020-01-31
21h08 +00:00		 Heap-based buffer overflow in the getZip64Data function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.
7.8
High
CVE-2014-8140 2020-01-31
21h00 +00:00		 Heap-based buffer overflow in the test_compr_eb function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.
7.8
High
CVE-2014-8139 2020-01-31
21h00 +00:00		 Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.
7.8
High
CVE-2018-1000035 2018-02-09
22h00 +00:00		 A heap-based buffer overflow exists in Info-Zip UnZip version <= 6.00 in the processing of password-protected archives that allows an attacker to perform a denial of service or to possibly achieve code execution.
7.8
High