Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 10 of 14 results


CVE-2024-36052

Medium priority
Not affected

RARLAB WinRAR before 7.00, on Windows, allows attackers to spoof the screen output via ANSI escape sequences, a different issue than CVE-2024-33899.

1 affected packages

unrar-nonfree

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
unrar-nonfree Not affected Not affected Not affected Not affected Not affected
Show less packages

CVE-2024-33899

Medium priority
Needs evaluation

RARLAB WinRAR before 7.00, on Linux and UNIX platforms, allows attackers to spoof the screen output, or cause a denial of service, via ANSI escape sequences.

1 affected packages

unrar-nonfree

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
unrar-nonfree Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2023-40477

Medium priority

Some fixes available 7 of 19

RARLAB WinRAR Recovery Volume Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR....

3 affected packages

libclamunrar, rar, unrar-nonfree

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libclamunrar Not affected Fixed Fixed Vulnerable Vulnerable
rar Fixed Vulnerable Vulnerable Vulnerable Vulnerable
unrar-nonfree Not affected Vulnerable Vulnerable Vulnerable Vulnerable
Show less packages

CVE-2022-48579

Medium priority
Needs evaluation

UnRAR before 6.2.3 allows extraction of files outside of the destination folder via symlink chains.

1 affected packages

unrar-nonfree

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
unrar-nonfree Not affected Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2022-30333

High priority

Some fixes available 6 of 18

RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. NOTE: WinRAR and Android RAR are unaffected.

3 affected packages

libclamunrar, rar, unrar-nonfree

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libclamunrar Not affected Fixed Fixed Vulnerable Vulnerable
rar Fixed Needs evaluation Needs evaluation Needs evaluation Needs evaluation
unrar-nonfree Not affected Vulnerable Vulnerable Vulnerable Needs evaluation
Show less packages

CVE-2018-25018

Medium priority
Vulnerable

UnRAR 5.6.1.7 through 5.7.4 and 6.0.3 has an out-of-bounds write during a memcpy in QuickOpen::ReadRaw when called from QuickOpen::ReadNext.

1 affected packages

unrar-nonfree

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
unrar-nonfree Needs evaluation Needs evaluation Vulnerable Needs evaluation Needs evaluation
Show less packages

CVE-2017-20006

Medium priority
Needs evaluation

UnRAR 5.6.1.2 and 5.6.1.3 has a heap-based buffer overflow in Unpack::CopyString (called from Unpack::Unpack5 and CmdExtract::ExtractCurrentFile).

1 affected packages

unrar-nonfree

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
unrar-nonfree Not affected Not affected Not affected Needs evaluation Needs evaluation
Show less packages

CVE-2017-12942

Medium priority
Vulnerable

libunrar.a in UnRAR before 5.5.7 has a buffer overflow in the Unpack::LongLZ function.

1 affected packages

unrar-nonfree

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
unrar-nonfree Not affected Not affected Not affected Not affected Vulnerable
Show less packages

CVE-2017-12941

Low priority
Vulnerable

libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the Unpack::Unpack20 function.

1 affected packages

unrar-nonfree

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
unrar-nonfree Not affected Not affected Not affected Not affected Vulnerable
Show less packages

CVE-2017-12940

Low priority
Vulnerable

libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the EncodeFileName::Decode call within the Archive::ReadHeader15 function.

1 affected packages

unrar-nonfree

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
unrar-nonfree Not affected Not affected Not affected Not affected Vulnerable
Show less packages