Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tukaani xz vulnerabilities and exploits
(subscribe to this query)
10
CVSSv3
CVE-2024-3094
Malicious code exists in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific fun...
Tukaani Xz 5.6.1
Tukaani Xz 5.6.0
75 Github repositories
6 Articles
7.8
CVSSv3
CVE-2015-4035
scripts/xzgrep.in in xzgrep 5.2.x prior to 5.2.0, prior to 5.0.0 does not properly process file names containing semicolons, which allows remote malicious users to execute arbitrary code by having a user run xzgrep on a crafted file name.
Tukaani Xz
5.5
CVSSv3
CVE-2020-22916
An issue discovered in XZ 5.2.5 allows malicious users to cause a denial of service via decompression of a crafted file. NOTE: the vendor disputes the claims of "endless output" and "denial of service" because decompression of the 17,486 bytes always results i...
Tukaani Xz 5.2.5
8.8
CVSSv3
CVE-2022-1271
An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occu...
Gnu Gzip
Redhat Jboss Data Grid 7.0.0
Debian Debian Linux 10.0
3 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started