| ID |
CVE-2021-4217
|
| Summary |
A flaw was found in unzip. The vulnerability occurs due to improper handling of Unicode strings, which can lead to a null pointer dereference. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution. |
| References |
|
| Vulnerable Configurations |
-
cpe:2.3:a:unzip_project:unzip:6.0:*:*:*:*:*:*:*
cpe:2.3:a:unzip_project:unzip:6.0:*:*:*:*:*:*:*
-
cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
-
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
-
cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
-
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
-
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
|
| CVSS |
| Base: | None |
| Impact: | |
| Exploitability: | |
|
| CWE |
CWE-476 |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
|
|
|
|
| Impact |
| Confidentiality | Integrity | Availability |
|
|
|
|
| Last major update |
29-11-2022 - 15:45 |
| Published |
24-08-2022 - 16:15 |
| Last modified |
29-11-2022 - 15:45 |
