Search CVE reports


Toggle filters

1 – 10 of 11 results


CVE-2022-1271

Medium priority
Fixed

An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary...

2 affected packages

gzip, xz-utils

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gzip Fixed Fixed Fixed Fixed
xz-utils Fixed Fixed Fixed Fixed
Show less packages

CVE-2010-0001

Medium priority
Fixed

Integer underflow in the unlzw function in unlzw.c in gzip before 1.4 on 64-bit platforms, as used in ncompress and probably others, allows remote attackers to cause a denial of service (application crash) or possibly execute...

1 affected packages

gzip

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gzip
Show less packages

CVE-2009-2624

Medium priority
Fixed

The huft_build function in inflate.c in gzip before 1.3.13 creates a hufts (aka huffman) table that is too small, which allows remote attackers to cause a denial of service (application crash or infinite loop) or possibly execute...

1 affected packages

gzip

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gzip
Show less packages

CVE-2006-4336

Unknown priority
Fixed

Buffer underflow in the build_tree function in unpack.c in gzip 1.3.5 allows context-dependent attackers to execute arbitrary code via a crafted leaf count table that causes a write to a negative index.

1 affected packages

gzip

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gzip
Show less packages

CVE-2006-4334

Unknown priority
Fixed

Unspecified vulnerability in gzip 1.3.5 allows context-dependent attackers to cause a denial of service (crash) via a crafted GZIP (gz) archive, which results in a NULL dereference.

1 affected packages

gzip

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gzip
Show less packages

CVE-2006-4338

Unknown priority

Some fixes available 14 of 16

unlzh.c in the LHZ component in gzip 1.3.5 allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted GZIP archive.

2 affected packages

gzip, lha

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gzip
lha
Show less packages

CVE-2006-4337

Unknown priority

Some fixes available 14 of 16

Buffer overflow in the make_table function in the LHZ component in gzip 1.3.5 allows context-dependent attackers to execute arbitrary code via a crafted decoding table in a GZIP archive.

2 affected packages

gzip, lha

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gzip
lha
Show less packages

CVE-2006-4335

Unknown priority

Some fixes available 14 of 16

Array index error in the make_table function in unlzh.c in the LZH decompression component in gzip 1.3.5, when running on certain platforms, allows context-dependent attackers to cause a denial of service (crash) and possibly...

2 affected packages

gzip, lha

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gzip
lha
Show less packages

CVE-2005-0758

Unknown priority
Fixed

zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script.

2 affected packages

bzip2, gzip

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
bzip2
gzip
Show less packages

CVE-2005-1228

Unknown priority
Fixed

Directory traversal vulnerability in gunzip -N in gzip 1.2.4 through 1.3.5 allows remote attackers to write to arbitrary directories via a .. (dot dot) in the original filename within a compressed file.

1 affected packages

gzip

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gzip
Show less packages