Lrzipproject Lrzip
By the Year
In 2024 there have been 0 vulnerabilities in Lrzipproject Lrzip . Lrzip did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 1 | 5.50 |
| 2018 | 2 | 6.00 |
It may take a day or so for new Lrzip vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Lrzipproject Lrzip Security Vulnerabilities
The lzo1x_decompress function in liblzo2.so.2 in LZO 2.10, as used in Long Range Zip (aka lrzip) 0.631
CVE-2019-10654
5.5 - Medium
- March 30, 2019
The lzo1x_decompress function in liblzo2.so.2 in LZO 2.10, as used in Long Range Zip (aka lrzip) 0.631, allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted archive, a different vulnerability than CVE-2017-8845.
Out-of-bounds Read
In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in read_stream in stream.c
CVE-2018-11496
6.5 - Medium
- May 26, 2018
In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in read_stream in stream.c, because decompress_file in lrzip.c lacks certain size validation.
Dangling pointer
In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in the ucompthread function (stream.c)
CVE-2018-5747
5.5 - Medium
- January 17, 2018
In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in the ucompthread function (stream.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted lrz file.
Dangling pointer
In lrzip 0.631, a stack buffer overflow was found in the function get_fileinfo in lrzip.c:1074, which
CVE-2017-9929
5.5 - Medium
- June 26, 2017
In lrzip 0.631, a stack buffer overflow was found in the function get_fileinfo in lrzip.c:1074, which allows attackers to cause a denial of service via a crafted file.
Buffer Overflow
In lrzip 0.631, a stack buffer overflow was found in the function get_fileinfo in lrzip.c:979, which
CVE-2017-9928
5.5 - Medium
- June 26, 2017
In lrzip 0.631, a stack buffer overflow was found in the function get_fileinfo in lrzip.c:979, which allows attackers to cause a denial of service via a crafted file.
Buffer Overflow
The read_stream function in stream.c in liblrzip.so in lrzip 0.631
CVE-2017-8846
5.5 - Medium
- May 08, 2017
The read_stream function in stream.c in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted archive.
Dangling pointer
The read_1g function in stream.c in liblrzip.so in lrzip 0.631
CVE-2017-8844
7.8 - High
- May 08, 2017
The read_1g function in stream.c in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted archive.
Buffer Overflow
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Debian Linux or by Lrzipproject? Click the Watch button to subscribe.
