Vulnerabilities > Rarlab > Unrar > 5.5.6
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-07 | CVE-2022-48579 | Link Following vulnerability in Rarlab Unrar UnRAR before 6.2.3 allows extraction of files outside of the destination folder via symlink chains. | 7.5 |
| 2022-05-09 | CVE-2022-30333 | Path Traversal vulnerability in multiple products RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. | 7.5 |
| 2017-08-18 | CVE-2017-12942 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Rarlab Unrar 0.0.1/5.5.4/5.5.6 libunrar.a in UnRAR before 5.5.7 has a buffer overflow in the Unpack::LongLZ function. | 9.8 |
| 2017-08-18 | CVE-2017-12941 | Out-of-bounds Read vulnerability in Rarlab Unrar 0.0.1/5.5.4/5.5.6 libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the Unpack::Unpack20 function. | 9.8 |
| 2017-08-18 | CVE-2017-12940 | Out-of-bounds Read vulnerability in Rarlab Unrar 0.0.1/5.5.4/5.5.6 libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the EncodeFileName::Decode call within the Archive::ReadHeader15 function. | 9.8 |
| 2017-08-18 | CVE-2017-12938 | Path Traversal vulnerability in Rarlab Unrar 0.0.1/5.5.4/5.5.6 UnRAR before 5.5.7 allows remote attackers to bypass a directory-traversal protection mechanism via vectors involving a symlink to the . | 7.5 |