pkg:Debian/unrar-nonfree
16 total CVEsCRITICAL5HIGH9
✅ Check your installed version
All known vulnerabilities
- from 0, < 1:6.0.3-1+deb11u1
- CRITICAL9.8CVE-2017-12942libunrar.a in UnRAR before 5.5.7 has a buffer overflow in the Unpack::LongLZ function.from 0, < 1:5.5.8-1
- CRITICAL9.8CVE-2017-12941libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the Unpack::Unpack20 function.from 0, < 1:5.5.8-1
- CRITICAL9.8CVE-2017-12940libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the EncodeFileName::Decode call within the Archive::ReadHeader15 function.from 0, < 1:5.5.8-1
- from 0, < 1:4.1.4-1+deb7u2
- from 0, < 1:5.5.5-1
- from 0, < 1:5.6.6-1+deb10u4
- from 0, < 1:6.0.3-1+deb11u3
- HIGH7.8CVE-2018-25018UnRAR 5.6.1.7 through 5.7.4 and 6.0.3 has an out-of-bounds write during a memcpy in QuickOpen::ReadRaw when called from QuickOpen::ReadNext.from 0, < 1:5.6.6-1
- HIGH7.8CVE-2017-20006UnRAR 5.6.1.2 and 5.6.1.3 has a heap-based buffer overflow in Unpack::CopyString (called from Unpack::Unpack5 and CmdExtract::ExtractCurren…from 0, < 1:5.6.6-1
- from 0, < 1:5.6.6-1+deb10u3
- from 0, < 1:6.0.3-1+deb11u2
- HIGH7.5CVE-2017-12938UnRAR before 5.5.7 allows remote attackers to bypass a directory-traversal protection mechanism via vectors involving a symlink to the .from 0, < 1:5.5.8-1
- HIGH7.1CVE-2024-33899RARLAB WinRAR before 7.00, on Linux and UNIX platforms, allows attackers to spoof the screen output, or cause a denial of service, via ANSI…from 0
- —CVE-2007-3726Integer signedness error in the SET_VALUE function in rarvm.cpp in unrar 3.70 beta 3, as used in products including WinRAR and RAR for OS X…from 0, < 3.7.3-1.1
- —CVE-2007-0855Stack-based buffer overflow in RARLabs Unrar, as packaged in WinRAR and possibly other products, allows user-assisted remote attackers to e…from 0, < 1:3.7.3-1