VDB
GCVE-110-MAGEIA-2014-562
GCVE-110-MAGEIA-2014-562
Advisory Published
Updated unzip package fix security vulnerabilities:
The unzip command line tool is affected by heap-based buffer overflows within
the CRC32 verification (CVE-2014-8139), the test_compr_eb() (CVE-2014-8140)
and the getZip64Data() (CVE-2014-8141) functions. The input errors may result
in in arbitrary code execution. A specially crafted zip file, passed to the
command unzip -t, can be used to trigger the vulnerability.
OOB access (both read and write) issues also exist in test_compr_eb()
that can result in application crash or other unspecified impact. A
specially crafted zip file, passed to the command unzip -t, can be used to
trigger the issues.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | unzip | 0 (affected), 6.0-7.2.mga4 (unaffected) | — |
References
Browse GCVE Records
73,161 records in the GCVE database · Updated July 16, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.