Search CVE reports
1 – 5 of 5 results
CVE-2023-40477
Medium prioritySome fixes available 7 of 19
RARLAB WinRAR Recovery Volume Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR....
3 affected packages
libclamunrar, rar, unrar-nonfree
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libclamunrar | Not affected | Fixed | Fixed | Vulnerable | Vulnerable |
rar | Fixed | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
unrar-nonfree | Not affected | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
CVE-2022-30333
High prioritySome fixes available 6 of 18
RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. NOTE: WinRAR and Android RAR are unaffected.
3 affected packages
libclamunrar, rar, unrar-nonfree
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libclamunrar | Not affected | Fixed | Fixed | Vulnerable | Vulnerable |
rar | Fixed | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
unrar-nonfree | Not affected | Vulnerable | Vulnerable | Vulnerable | Needs evaluation |
CVE-2019-1798
Medium priorityA vulnerability in the Portable Executable (PE) file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on...
2 affected packages
clamav, libclamunrar
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
clamav | — | — | — | Not affected | Not affected |
libclamunrar | — | — | — | Not affected | Not affected |
CVE-2019-1785
Medium priorityA vulnerability in the RAR file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and 0.101.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device....
2 affected packages
clamav, libclamunrar
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
clamav | — | — | — | Not affected | Not affected |
libclamunrar | — | — | — | Not affected | Not affected |
CVE-2012-6706
Medium prioritySome fixes available 7 of 10
A VMSF_DELTA memory corruption was discovered in unrar before 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine before 3.37.2 and other products, that can lead to arbitrary code execution. An integer overflow can be...
2 affected packages
libclamunrar, unrar-nonfree
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libclamunrar | — | — | — | Fixed | Fixed |
unrar-nonfree | — | — | — | Not affected | Fixed |