Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tukaani vulnerabilities and exploits
(subscribe to this query)
10
CVSSv3
CVE-2024-3094
Malicious code exists in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific fun...
Tukaani Xz 5.6.1
Tukaani Xz 5.6.0
73 Github repositories
4 Articles
7.8
CVSSv3
CVE-2015-4035
scripts/xzgrep.in in xzgrep 5.2.x prior to 5.2.0, prior to 5.0.0 does not properly process file names containing semicolons, which allows remote malicious users to execute arbitrary code by having a user run xzgrep on a crafted file name.
Tukaani Xz
5.5
CVSSv3
CVE-2020-22916
An issue discovered in XZ 5.2.5 allows malicious users to cause a denial of service via decompression of a crafted file. NOTE: the vendor disputes the claims of "endless output" and "denial of service" because decompression of the 17,486 bytes always results i...
Tukaani Xz 5.2.5
8.8
CVSSv3
CVE-2022-1271
An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occu...
Gnu Gzip
Redhat Jboss Data Grid 7.0.0
Debian Debian Linux 10.0
3 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started