Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnu gzip vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-0001
Integer underflow in the unlzw function in unlzw.c in gzip prior to 1.4 on 64-bit platforms, as used in ncompress and probably others, allows remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted archive that uses...
Gnu Gzip
Gnu Gzip 1.3.12
Gnu Gzip 1.3.1
Gnu Gzip 1.3.8
Gnu Gzip 1.3
Gnu Gzip 1.3.3
Gnu Gzip 1.3.11
Gnu Gzip 1.3.6
Gnu Gzip 1.3.2
Gnu Gzip 1.2.4
Gnu Gzip 1.3.10
Gnu Gzip 1.3.5
Gnu Gzip 1.3.7
Gnu Gzip 1.2.4a
Gnu Gzip 1.3.9
Gnu Gzip 1.3.4
NA
CVE-2009-2624
The huft_build function in inflate.c in gzip prior to 1.3.13 creates a hufts (aka huffman) table that is too small, which allows remote malicious users to cause a denial of service (application crash or infinite loop) or possibly execute arbitrary code via a crafted archive. NOTE...
Gnu Gzip 1.3.1
Gnu Gzip 1.3.8
Gnu Gzip
Gnu Gzip 1.3
Gnu Gzip 1.3.3
Gnu Gzip 1.3.11
Gnu Gzip 1.3.6
Gnu Gzip 1.3.2
Gnu Gzip 1.2.4
Gnu Gzip 1.3.10
Gnu Gzip 1.3.5
Gnu Gzip 1.3.7
Gnu Gzip 1.2.4a
Gnu Gzip 1.3.9
Gnu Gzip 1.3.4
NA
CVE-2001-1228
Buffer overflows in gzip 1.3x, 1.2.4, and other versions might allow malicious users to execute code via a long file name, possibly remotely if gzip is run on an FTP server.
Gnu Gzip 1.3
Gnu Gzip 1.2.4
Gnu Gzip 1.2.4a
1 Github repository
NA
CVE-2005-1228
Directory traversal vulnerability in gunzip -N in gzip 1.2.4 up to and including 1.3.5 allows remote malicious users to write to arbitrary directories via a .. (dot dot) in the original filename within a compressed file.
Gnu Gzip 1.3.3
Gnu Gzip 1.2.4
NA
CVE-2004-0603
gzexe in gzip 1.3.3 and previous versions will execute an argument when the creation of a temp file fails instead of exiting the program, which could allow remote attackers or local users to execute arbitrary commands, a different vulnerability than CVE-1999-1332.
Gnu Gzip
NA
CVE-2004-0970
The (1) gzexe, (2) zdiff, and (3) znew scripts in the gzip package, as used by other packages such as ncompress, allows local users to overwrite files via a symlink attack on temporary files. NOTE: the znew vulnerability may overlap CVE-2003-0367.
Gnu Gzip 1.2.4a
NA
CVE-2004-1349
gzip prior to 1.3 in Solaris 8, when called with the -f or -force flags, will change the permissions of files that are hard linked to the target files, which allows local users to view or modify these files.
Oracle Solaris 8
Gnu Gzip
NA
CVE-2005-0758
zgrep in gzip prior to 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script.
Gnu Gzip
Canonical Ubuntu Linux 4.10
Canonical Ubuntu Linux 5.04
2 Github repositories
NA
CVE-2003-0367
znew in the gzip package allows local users to overwrite arbitrary files via a symlink attack on temporary files.
Gnu Gzip
Debian Debian Linux 2.2
Debian Debian Linux 3.0
8.8
CVSSv3
CVE-2022-1271
An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occu...
Gnu Gzip
Redhat Jboss Data Grid 7.0.0
Debian Debian Linux 10.0
3 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »