Vulnerabilities > Tukaani

DATE CVE VULNERABILITY TITLE RISK
2024-03-29 CVE-2024-3094 Unspecified vulnerability in Tukaani XZ 5.6.0/5.6.1
Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0.
network
low complexity
tukaani
critical
10.0
2023-08-22 CVE-2020-22916 Unspecified vulnerability in Tukaani XZ 5.2.5
An issue discovered in XZ 5.2.5 allows attackers to cause a denial of service via decompression of a crafted file.
local
low complexity
tukaani
5.5
2022-08-31 CVE-2022-1271 Improper Input Validation vulnerability in multiple products
An arbitrary file write vulnerability was found in GNU gzip's zgrep utility.
network
low complexity
gnu redhat debian tukaani CWE-20
8.8
2017-07-25 CVE-2015-4035 Improper Input Validation vulnerability in Tukaani XZ 4.999.7/4.999.8/4.999.9
scripts/xzgrep.in in xzgrep 5.2.x before 5.2.0, before 5.0.0 does not properly process file names containing semicolons, which allows remote attackers to execute arbitrary code by having a user run xzgrep on a crafted file name.
local
low complexity
tukaani CWE-20
7.8