A flaw was found in unzip. The vulnerability occurs due to improper handling of Unicode strings, which can lead to a null pointer dereference. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution.
NULL Pointer Dereference
NULL Pointer Dereference
-
| Package | Type | OS Name | OS Version | Affected Ranges | Fix Versions |
|---|---|---|---|---|---|
| debian/unzip | deb | debian | 12 | >=6.0-28 | Not yet available |
| debian/unzip | deb | debian | 11 | >=6.0-26+deb11u1 | Not yet available |
| debian/unzip | deb | debian | 10 | >=6.0-23+deb10u2 | Not yet available |
| debian/unzip | deb | debian | unstable | >=6.0-28 | Not yet available |
| debian/unzip | deb | debian | 13 | >=6.0-28 | Not yet available |
Severity and metrics
No CVSS data available from this source.
1.8
-
1.8
-
-
-
-
1.8
1
-
-