Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tukaani vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-3094
Malicious code exists in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific fun...
Tukaani Xz 5.6.1
Tukaani Xz 5.6.0
85 Github repositories
6 Articles
4.6
CVSSv2
CVE-2015-4035
scripts/xzgrep.in in xzgrep 5.2.x prior to 5.2.0, prior to 5.0.0 does not properly process file names containing semicolons, which allows remote malicious users to execute arbitrary code by having a user run xzgrep on a crafted file name.
Tukaani Xz
NA
CVE-2020-22916
An issue discovered in XZ 5.2.5 allows malicious users to cause a denial of service via decompression of a crafted file. NOTE: the vendor disputes the claims of "endless output" and "denial of service" because decompression of the 17,486 bytes always results i...
Tukaani Xz 5.2.5
NA
CVE-2022-1271
An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occu...
Gnu Gzip
Redhat Jboss Data Grid 7.0.0
Debian Debian Linux 10.0
3 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4541
CVE-2024-3080
CVE-2024-4787
log injection
CVE-2024-5967
inject
CVE-2024-30078
CVE-2024-5899
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started