cpe:2.3:a:rarlab:unrar:3.61:*:*:*:*:*:*:*
UnRAR before 6.2.3 allows extraction of files outside of the destination folder via symlink chains.
Max CVSS: 7.5
EPSS Score: 0.09%
Published: 2023-08-07
Updated: 2023-08-17

CVE-2022-30333

Known exploited
Public exploit
RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. NOTE: WinRAR and Android RAR are unaffected.
Max CVSS: 7.5
EPSS Score: 88.00%
Published: 2022-05-09
Updated: 2023-09-17
CISA KEV Added: 2022-08-09
libunrar.a in UnRAR before 5.5.7 has a buffer overflow in the Unpack::LongLZ function.
Max CVSS: 9.8
EPSS Score: 0.30%
Published: 2017-08-18
Updated: 2018-06-16
libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the Unpack::Unpack20 function.
Max CVSS: 9.8
EPSS Score: 0.47%
Published: 2017-08-18
Updated: 2018-06-16
libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the EncodeFileName::Decode call within the Archive::ReadHeader15 function.
Max CVSS: 9.8
EPSS Score: 0.47%
Published: 2017-08-18
Updated: 2018-06-16
UnRAR before 5.5.7 allows remote attackers to bypass a directory-traversal protection mechanism via vectors involving a symlink to the . directory, a symlink to the .. directory, and a regular file.
Max CVSS: 7.5
EPSS Score: 0.33%
Published: 2017-08-18
Updated: 2017-08-29
A VMSF_DELTA memory corruption was discovered in unrar before 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine before 3.37.2 and other products, that can lead to arbitrary code execution. An integer overflow can be caused in DataSize+CurChannel. The result is a negative value of the "DestPos" variable, which allows the attacker to write out of bounds when setting Mem[DestPos].
Max CVSS: 10.0
EPSS Score: 2.42%
Published: 2017-06-22
Updated: 2018-10-21
Stack-based buffer overflow in RARLabs Unrar, as packaged in WinRAR and possibly other products, allows user-assisted remote attackers to execute arbitrary code via a crafted, password-protected archive.
Max CVSS: 6.8
EPSS Score: 8.55%
Published: 2007-02-08
Updated: 2017-07-29
8 vulnerabilities found