Search CVE reports


Toggle filters

1 – 5 of 5 results


CVE-2023-40477

Medium priority

Some fixes available 7 of 19

RARLAB WinRAR Recovery Volume Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR....

3 affected packages

libclamunrar, rar, unrar-nonfree

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libclamunrar Not affected Fixed Fixed Vulnerable Vulnerable
rar Fixed Vulnerable Vulnerable Vulnerable Vulnerable
unrar-nonfree Not affected Vulnerable Vulnerable Vulnerable Vulnerable
Show less packages

CVE-2022-30333

High priority

Some fixes available 6 of 18

RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. NOTE: WinRAR and Android RAR are unaffected.

3 affected packages

libclamunrar, rar, unrar-nonfree

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libclamunrar Not affected Fixed Fixed Vulnerable Vulnerable
rar Fixed Needs evaluation Needs evaluation Needs evaluation Needs evaluation
unrar-nonfree Not affected Vulnerable Vulnerable Vulnerable Needs evaluation
Show less packages

CVE-2019-1798

Medium priority
Not affected

A vulnerability in the Portable Executable (PE) file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on...

2 affected packages

clamav, libclamunrar

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
clamav Not affected Not affected
libclamunrar Not affected Not affected
Show less packages

CVE-2019-1785

Medium priority
Not affected

A vulnerability in the RAR file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and 0.101.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device....

2 affected packages

clamav, libclamunrar

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
clamav Not affected Not affected
libclamunrar Not affected Not affected
Show less packages

CVE-2012-6706

Medium priority

Some fixes available 7 of 10

A VMSF_DELTA memory corruption was discovered in unrar before 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine before 3.37.2 and other products, that can lead to arbitrary code execution. An integer overflow can be...

2 affected packages

libclamunrar, unrar-nonfree

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libclamunrar Fixed Fixed
unrar-nonfree Not affected Fixed
Show less packages