Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
lrzip vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2017-8844
The read_1g function in stream.c in liblrzip.so in lrzip 0.631 allows remote malicious users to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted archive.
Long Range Zip Project Long Range Zip 0.631
Debian Debian Linux 9.0
4.3
CVSSv2
CVE-2017-8845
The lzo1x_decompress function in lzo1x_d.ch in LZO 2.08, as used in lrzip 0.631, allows remote malicious users to cause a denial of service (invalid memory read and application crash) via a crafted archive.
Long Range Zip Project Long Range Zip 0.631
4.3
CVSSv2
CVE-2017-8846
The read_stream function in stream.c in liblrzip.so in lrzip 0.631 allows remote malicious users to cause a denial of service (use-after-free and application crash) via a crafted archive.
Long Range Zip Project Long Range Zip 0.631
Debian Debian Linux 9.0
4.3
CVSSv2
CVE-2017-8847
The bufRead::get() function in libzpaq/libzpaq.h in liblrzip.so in lrzip 0.631 allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via a crafted archive.
Long Range Zip Project Long Range Zip 0.631
7.5
CVSSv2
CVE-2018-10685
In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in the lzma_decompress_buf function of stream.c, which allows remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact.
Long Range Zip Project Long Range Zip 0.631
4.3
CVSSv2
CVE-2021-27345
A null pointer dereference exists in ucompthread in stream.c in Irzip 0.631 which allows malicious users to cause a denial of service (DOS) via a crafted compressed file.
Long Range Zip Project Long Range Zip 0.631
Debian Debian Linux 9.0
4.3
CVSSv2
CVE-2020-25467
A null pointer dereference exists lzo_decompress_buf in stream.c in Irzip 0.621 which allows an malicious user to cause a denial of service (DOS) via a crafted compressed file.
Long Range Zip Project Long Range Zip 0.621
Debian Debian Linux 9.0
4.3
CVSSv2
CVE-2022-26291
lrzip v0.641 exists to contain a multiple concurrency use-after-free between the functions zpaq_decompress_buf() and clear_rulist(). This vulnerability allows malicious users to cause a Denial of Service (DoS) via a crafted Irz file.
Long Range Zip Project Long Range Zip 0.641
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
7.5
CVSSv2
CVE-2022-28044
Irzip v0.640 exists to contain a heap memory corruption via the component lrzip.c:initialise_control.
Irzip Project Irzip 0.640
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
NA
CVE-2021-33451
An issue exists in lrzip version 0.641. There are memory leaks in fill_buffer() in stream.c.
Long Range Zip Project Long Range Zip 0.641
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »