CVE-2005-0602
EPSS 0.14%
Description
Unzip 5.51 and earlier does not properly warn the user when extracting setuid or setgid files, which may allow local users to gain privileges.
How to fix CVE-2005-0602
To remediate CVE-2005-0602, upgrade the affected package to a fixed version below.
- Debian/unzip—upgrade to 5.52-1 or later
Is CVE-2005-0602 being exploited?
Low — EPSS is 0.1%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 5.52-1