Search CVE reports
1 – 10 of 14 results
RARLAB WinRAR before 7.00, on Windows, allows attackers to spoof the screen output via ANSI escape sequences, a different issue than CVE-2024-33899.
1 affected package
unrar-nonfree
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| unrar-nonfree | Not affected | Not affected | Not affected | Not affected |
Some fixes available 2 of 5
RARLAB WinRAR before 7.00, on Linux and UNIX platforms, allows attackers to spoof the screen output, or cause a denial of service, via ANSI escape sequences.
1 affected package
unrar-nonfree
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| unrar-nonfree | Not affected | Fixed | Fixed | Needs evaluation |
Some fixes available 12 of 20
RARLAB WinRAR Recovery Volume Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR....
3 affected packages
rar, unrar-nonfree, libclamunrar
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| rar | Fixed | Fixed | Fixed | Vulnerable |
| unrar-nonfree | Not affected | Fixed | Fixed | Vulnerable |
| libclamunrar | Not affected | Fixed | Fixed | Vulnerable |
Some fixes available 2 of 4
UnRAR before 6.2.3 allows extraction of files outside of the destination folder via symlink chains.
1 affected package
unrar-nonfree
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| unrar-nonfree | Not affected | Fixed | Fixed | Needs evaluation |
Some fixes available 11 of 19
RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. NOTE: WinRAR and Android RAR are unaffected.
3 affected packages
unrar-nonfree, rar, libclamunrar
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| unrar-nonfree | Not affected | Fixed | Fixed | Ignored |
| rar | Fixed | Fixed | Fixed | Ignored |
| libclamunrar | Not affected | Fixed | Fixed | Ignored |
UnRAR 5.6.1.7 through 5.7.4 and 6.0.3 has an out-of-bounds write during a memcpy in QuickOpen::ReadRaw when called from QuickOpen::ReadNext.
1 affected package
unrar-nonfree
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| unrar-nonfree | Not affected | Not affected | Not affected | Needs evaluation |
UnRAR 5.6.1.2 and 5.6.1.3 has a heap-based buffer overflow in Unpack::CopyString (called from Unpack::Unpack5 and CmdExtract::ExtractCurrentFile).
1 affected package
unrar-nonfree
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| unrar-nonfree | Not affected | Not affected | Not affected | Needs evaluation |
libunrar.a in UnRAR before 5.5.7 has a buffer overflow in the Unpack::LongLZ function.
1 affected package
unrar-nonfree
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| unrar-nonfree | Not affected | Not affected | Not affected | Not affected |
libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the Unpack::Unpack20 function.
1 affected package
unrar-nonfree
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| unrar-nonfree | Not affected | Not affected | Not affected | Not affected |
libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the EncodeFileName::Decode call within the Archive::ReadHeader15 function.
1 affected package
unrar-nonfree
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| unrar-nonfree | Not affected | Not affected | Not affected | Not affected |