Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
lrzip vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2018-5650
In Long Range Zip (aka lrzip) 0.631, there is an infinite loop and application hang in the unzip_match function in runzip.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted lrz file.
Long Range Zip Project Long Range Zip 0.631
5.5
CVSSv3
CVE-2017-9928
In lrzip 0.631, a stack buffer overflow was found in the function get_fileinfo in lrzip.c:979, which allows malicious users to cause a denial of service via a crafted file.
Long Range Zip Project Long Range Zip 0.631
Debian Debian Linux 9.0
5.5
CVSSv3
CVE-2017-9929
In lrzip 0.631, a stack buffer overflow was found in the function get_fileinfo in lrzip.c:1074, which allows malicious users to cause a denial of service via a crafted file.
Long Range Zip Project Long Range Zip 0.631
Debian Debian Linux 9.0
5.5
CVSSv3
CVE-2018-5747
In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in the ucompthread function (stream.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted lrz file.
Long Range Zip Project Long Range Zip 0.631
Debian Debian Linux 9.0
5.5
CVSSv3
CVE-2018-9058
In Long Range Zip (aka lrzip) 0.631, there is an infinite loop in the runzip_fd function of runzip.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted lrz file.
Long Range Zip Project Long Range Zip 0.631
5.5
CVSSv3
CVE-2022-26291
lrzip v0.641 exists to contain a multiple concurrency use-after-free between the functions zpaq_decompress_buf() and clear_rulist(). This vulnerability allows malicious users to cause a Denial of Service (DoS) via a crafted Irz file.
Long Range Zip Project Long Range Zip 0.641
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
9.8
CVSSv3
CVE-2022-28044
Irzip v0.640 exists to contain a heap memory corruption via the component lrzip.c:initialise_control.
Irzip Project Irzip 0.640
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
5.5
CVSSv3
CVE-2020-25467
A null pointer dereference exists lzo_decompress_buf in stream.c in Irzip 0.621 which allows an malicious user to cause a denial of service (DOS) via a crafted compressed file.
Long Range Zip Project Long Range Zip 0.621
Debian Debian Linux 9.0
5.5
CVSSv3
CVE-2021-27345
A null pointer dereference exists in ucompthread in stream.c in Irzip 0.631 which allows malicious users to cause a denial of service (DOS) via a crafted compressed file.
Long Range Zip Project Long Range Zip 0.631
Debian Debian Linux 9.0
5.5
CVSSv3
CVE-2021-33451
An issue exists in lrzip version 0.641. There are memory leaks in fill_buffer() in stream.c.
Long Range Zip Project Long Range Zip 0.641
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »