Browse all 4 CVE security advisories affecting info-zip. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Info-ZIP is a widely used open-source suite for creating and extracting ZIP archives, serving as a core utility for data compression across numerous platforms. Historically, vulnerabilities in Info-ZIP have commonly included buffer overflows leading to remote code execution, integer overflows, and path traversal flaws. While no major security incidents have been widely documented, the four recorded CVEs highlight potential risks in memory handling and input validation. The software's long-standing presence and broad deployment make it a persistent target for exploitation, particularly through malformed archive files that can trigger memory corruption or unauthorized access if proper safeguards aren't implemented.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2014-8141 | Info-ZIP UnZip 缓冲区错误漏洞 — UnZip | 7.8 | - | 2020-01-31 |
| CVE-2014-8140 | Info-ZIP UnZip 缓冲区错误漏洞 — UnZip | 7.8 | - | 2020-01-31 |
| CVE-2014-8139 | Info-ZIP UnZip 缓冲区错误漏洞 — UnZip | 7.0 | - | 2020-01-31 |
| CVE-2008-0888 | Info-ZIP UnZip inflate_dynamic()函数内存堆栈破坏漏洞 — unzip | 9.8 | - | 2008-03-17 |
This page lists every published CVE security advisory associated with info-zip. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.