Unzip Project Unzip - for Go

CPE Details

Unzip Project Unzip - for Go
unzip_project
unzip
-
2023-10-25
10h45 +00:00
2023-10-25
10h45 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:unzip_project:unzip:-:*:*:*:*:go:*:*

Informations

Vendor

unzip_project

Product

unzip

Version

-

Target Software

go

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2020-36561 2022-12-27 21h13 +00:00 Due to improper path sanitization, archives containing relative file paths can cause files to be written (or overwritten) outside of the target directory.
9.1
Critique
CVE-2014-8141 2020-01-31 21h08 +00:00 Heap-based buffer overflow in the getZip64Data function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.
7.8
Haute
CVE-2014-8140 2020-01-31 21h00 +00:00 Heap-based buffer overflow in the test_compr_eb function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.
7.8
Haute
CVE-2014-8139 2020-01-31 21h00 +00:00 Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.
7.8
Haute
CVE-2018-1000035 2018-02-09 22h00 +00:00 A heap-based buffer overflow exists in Info-Zip UnZip version <= 6.00 in the processing of password-protected archives that allows an attacker to perform a denial of service or to possibly achieve code execution.
7.8
Haute