Vulnerabilities > Rarlab > Unrar > 6.0.3

DATE CVE VULNERABILITY TITLE RISK
2023-08-07 CVE-2022-48579 Link Following vulnerability in Rarlab Unrar
UnRAR before 6.2.3 allows extraction of files outside of the destination folder via symlink chains.
network
low complexity
rarlab CWE-59
7.5
7.5
2022-05-09 CVE-2022-30333 Path Traversal vulnerability in Rarlab Unrar
RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file.
network
low complexity
rarlab CWE-22
7.5
7.5
2021-07-01 CVE-2018-25018 Out-of-bounds Write vulnerability in Rarlab Unrar 6.0.3
UnRAR 5.6.1.7 through 5.7.4 and 6.0.3 has an out-of-bounds write during a memcpy in QuickOpen::ReadRaw when called from QuickOpen::ReadNext.
network
rarlab CWE-787
6.8
6.8