Search CVE reports
1 – 5 of 5 results
CVE-2023-40477
Medium prioritySome fixes available 11 of 19
RARLAB WinRAR Recovery Volume Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR....
3 affected packages
libclamunrar, rar, unrar-nonfree
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libclamunrar | Not affected | Fixed | Fixed | Vulnerable | Vulnerable |
| rar | Fixed | Fixed | Fixed | Vulnerable | Vulnerable |
| unrar-nonfree | Not affected | Fixed | Fixed | Vulnerable | Vulnerable |
CVE-2022-30333
High prioritySome fixes available 10 of 18
RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. NOTE: WinRAR and Android RAR are unaffected.
3 affected packages
libclamunrar, rar, unrar-nonfree
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libclamunrar | Not affected | Fixed | Fixed | Vulnerable | Vulnerable |
| rar | Fixed | Fixed | Fixed | Needs evaluation | Needs evaluation |
| unrar-nonfree | Not affected | Fixed | Fixed | Vulnerable | Needs evaluation |
CVE-2019-1798
Medium priorityA vulnerability in the Portable Executable (PE) file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on...
2 affected packages
clamav, libclamunrar
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| clamav | — | — | — | Not affected | Not affected |
| libclamunrar | — | — | — | Not affected | Not affected |
CVE-2019-1785
Medium priorityA vulnerability in the RAR file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and 0.101.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device....
2 affected packages
clamav, libclamunrar
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| clamav | — | — | — | Not affected | Not affected |
| libclamunrar | — | — | — | Not affected | Not affected |
CVE-2012-6706
Medium prioritySome fixes available 7 of 10
A VMSF_DELTA memory corruption was discovered in unrar before 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine before 3.37.2 and other products, that can lead to arbitrary code execution. An integer overflow can be...
2 affected packages
libclamunrar, unrar-nonfree
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libclamunrar | — | — | — | Fixed | Fixed |
| unrar-nonfree | — | — | — | Not affected | Fixed |