CVE-2022-0529
Published: Feb 9, 2022
Modified: Feb 13, 2025
PUBLISHED
Description
A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string, which leads to a heap out-of-bounds write. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution.
| Vendor | Product | Versions |
|---|---|---|
| n/a | unzip | affected 6.0 |
References
https://bugzilla.redhat.com/show_bug.cgi?id=2051395
x_refsource_MISC
https://github.com/ByteHackr/unzip_poc
x_refsource_MISC
DSA-5202
vendor-advisory
x_refsource_DEBIAN
[debian-lts-announce] 20220922 [SECURITY] [DLA 3118-1] unzip security update
mailing-list
x_refsource_MLIST