Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
lrzip project vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2021-27347
Use after free in lzma_decompress_buf function in stream.c in Irzip 0.631 allows malicious users to cause Denial of Service (DoS) via a crafted compressed file.
Long Range Zip Project Long Range Zip 0.631
Debian Debian Linux 9.0
5.5
CVSSv3
CVE-2023-39741
lrzip v0.651 exists to contain a heap overflow via the libzpaq::PostProcessor::write(int) function at /libzpaq/libzpaq.cpp. This vulnerability allows malicious users to cause a Denial of Service (DoS) via a crafted file.
Long Range Zip Project Long Range Zip 0.651
9.8
CVSSv3
CVE-2018-10685
In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in the lzma_decompress_buf function of stream.c, which allows remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact.
Long Range Zip Project Long Range Zip 0.631
5.5
CVSSv3
CVE-2017-8842
The bufRead::get() function in libzpaq/libzpaq.h in liblrzip.so in lrzip 0.631 allows remote malicious users to cause a denial of service (divide-by-zero error and application crash) via a crafted archive.
Long Range Zip Project Long Range Zip 0.631
5.5
CVSSv3
CVE-2017-8843
The join_pthread function in stream.c in liblrzip.so in lrzip 0.631 allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via a crafted archive.
Long Range Zip Project Long Range Zip 0.631
5.5
CVSSv3
CVE-2017-8845
The lzo1x_decompress function in lzo1x_d.ch in LZO 2.08, as used in lrzip 0.631, allows remote malicious users to cause a denial of service (invalid memory read and application crash) via a crafted archive.
Long Range Zip Project Long Range Zip 0.631
5.5
CVSSv3
CVE-2017-8847
The bufRead::get() function in libzpaq/libzpaq.h in liblrzip.so in lrzip 0.631 allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via a crafted archive.
Long Range Zip Project Long Range Zip 0.631
5.5
CVSSv3
CVE-2018-9058
In Long Range Zip (aka lrzip) 0.631, there is an infinite loop in the runzip_fd function of runzip.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted lrz file.
Long Range Zip Project Long Range Zip 0.631
5.5
CVSSv3
CVE-2018-5650
In Long Range Zip (aka lrzip) 0.631, there is an infinite loop and application hang in the unzip_match function in runzip.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted lrz file.
Long Range Zip Project Long Range Zip 0.631
5.5
CVSSv3
CVE-2017-9928
In lrzip 0.631, a stack buffer overflow was found in the function get_fileinfo in lrzip.c:979, which allows malicious users to cause a denial of service via a crafted file.
Long Range Zip Project Long Range Zip 0.631
Debian Debian Linux 9.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »