Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
lrzip project vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2017-8846
The read_stream function in stream.c in liblrzip.so in lrzip 0.631 allows remote malicious users to cause a denial of service (use-after-free and application crash) via a crafted archive.
Long Range Zip Project Long Range Zip 0.631
Debian Debian Linux 9.0
5.5
CVSSv3
CVE-2017-9928
In lrzip 0.631, a stack buffer overflow was found in the function get_fileinfo in lrzip.c:979, which allows malicious users to cause a denial of service via a crafted file.
Long Range Zip Project Long Range Zip 0.631
Debian Debian Linux 9.0
5.5
CVSSv3
CVE-2018-5747
In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in the ucompthread function (stream.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted lrz file.
Long Range Zip Project Long Range Zip 0.631
Debian Debian Linux 9.0
5.5
CVSSv3
CVE-2017-9929
In lrzip 0.631, a stack buffer overflow was found in the function get_fileinfo in lrzip.c:1074, which allows malicious users to cause a denial of service via a crafted file.
Long Range Zip Project Long Range Zip 0.631
Debian Debian Linux 9.0
5.5
CVSSv3
CVE-2021-27345
A null pointer dereference exists in ucompthread in stream.c in Irzip 0.631 which allows malicious users to cause a denial of service (DOS) via a crafted compressed file.
Long Range Zip Project Long Range Zip 0.631
Debian Debian Linux 9.0
5.5
CVSSv3
CVE-2020-25467
A null pointer dereference exists lzo_decompress_buf in stream.c in Irzip 0.621 which allows an malicious user to cause a denial of service (DOS) via a crafted compressed file.
Long Range Zip Project Long Range Zip 0.621
Debian Debian Linux 9.0
5.5
CVSSv3
CVE-2018-5786
In Long Range Zip (aka lrzip) 0.631, there is an infinite loop and application hang in the get_fileinfo function (lrzip.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted lrz file.
Long Range Zip Project Long Range Zip 0.631
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
9.8
CVSSv3
CVE-2022-28044
Irzip v0.640 exists to contain a heap memory corruption via the component lrzip.c:initialise_control.
Irzip Project Irzip 0.640
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
5.5
CVSSv3
CVE-2022-26291
lrzip v0.641 exists to contain a multiple concurrency use-after-free between the functions zpaq_decompress_buf() and clear_rulist(). This vulnerability allows malicious users to cause a Denial of Service (DoS) via a crafted Irz file.
Long Range Zip Project Long Range Zip 0.641
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
5.5
CVSSv3
CVE-2021-33451
An issue exists in lrzip version 0.641. There are memory leaks in fill_buffer() in stream.c.
Long Range Zip Project Long Range Zip 0.641
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
CVE-2024-20360
CVE-2021-47559
XXE
CVE-2024-5229
CVE-2021-47543
CVE-2021-47571
SSTI
CVE-2024-4978
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »