Vulnerabilities > Tukaani > XZ > 4.999.7

DATE CVE VULNERABILITY TITLE RISK
2022-08-31 CVE-2022-1271 Improper Input Validation vulnerability in multiple products
An arbitrary file write vulnerability was found in GNU gzip's zgrep utility.
network
low complexity
gnu redhat debian tukaani CWE-20
8.8
8.8
2017-07-25 CVE-2015-4035 Improper Input Validation vulnerability in Tukaani XZ 4.999.7/4.999.8/4.999.9
scripts/xzgrep.in in xzgrep 5.2.x before 5.2.0, before 5.0.0 does not properly process file names containing semicolons, which allows remote attackers to execute arbitrary code by having a user run xzgrep on a crafted file name.
local
low complexity
tukaani CWE-20
7.8
7.8