Vulnerabilities > Long Range ZIP Project > Long Range ZIP > High

DATE CVE VULNERABILITY TITLE RISK
2018-05-02 CVE-2018-10685 Use After Free vulnerability in Long Range ZIP Project Long Range ZIP 0.631
In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in the lzma_decompress_buf function of stream.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
network
low complexity
long-range-zip-project CWE-416
7.5
7.5
2017-05-08 CVE-2017-8844 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The read_1g function in stream.c in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted archive.
local
low complexity
long-range-zip-project debian CWE-119
7.8
7.8