Vulnerability-Lookup

CVE-2022-30333 (GCVE-0-2022-30333)

Vulnerability from cvelistv5 – Published: 2022-05-09 00:00 – Updated: 2025-10-21 23:15

CISA KEV KEVintel KEV

Summary

RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. NOTE: WinRAR and Android RAR are unaffected.

Severity

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

SSVC

Exploitation: active Automatable: yes Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

n/a
CWE-59 - Improper Link Resolution Before File Access ('Link Following')
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Assigner

mitre

References

7 references

URL	Tags
https://www.rarlab.com/rar_add.htm
https://www.rarlab.com/rar/rarlinux-x32-612.tar.gz
https://blog.sonarsource.com/zimbra-pre-auth-rce-…
http://packetstormsecurity.com/files/167989/Zimbr…
https://lists.debian.org/debian-lts-announce/2023…	mailing-list
https://security.gentoo.org/glsa/202309-04	vendor-advisory
https://www.cisa.gov/known-exploited-vulnerabilit…	government-resource

CISA KEV

Known Exploited Vulnerability - GCVE BCP-07 Compliant

KEV entry ID: e84219f4-2a3a-44ff-80ee-bd035efd3481

Vulnerability ID: CVE-2022-30333

Status: Confirmed

Status Updated: 2022-08-09 00:00 UTC

Exploited: Yes

Timestamps

First Seen: 2022-08-09

Asserted: 2022-08-09

Scope

Notes: KEV entry: RARLAB UnRAR Directory Traversal Vulnerability | Affected: RARLAB / UnRAR | Description: RARLAB UnRAR on Linux and UNIX contains a directory traversal vulnerability, allowing an attacker to write to files during an extract (unpack) operation. | Required action: Apply updates per vendor instructions. | Due date: 2022-08-30 | Known ransomware campaign use (KEV): Known | Notes (KEV): Vulnerability updated with version 6.12. Accessing link will download update information: https://www.rarlab.com/rar/rarlinux-x32-612.tar.gz; https://nvd.nist.gov/vuln/detail/CVE-2022-30333

Evidence

Type: Vendor Report

Signal: Successful Exploitation

Confidence: 80%

Source: cisa-kev

Details

Cwes	CWE-22 CWE-59
Feed	CISA Known Exploited Vulnerabilities Catalog
Product	UnRAR
Due Date	2022-08-30
Date Added	2022-08-09
Vendorproject	RARLAB
Vulnerabilityname	RARLAB UnRAR Directory Traversal Vulnerability
Knownransomwarecampaignuse	Known

References

CVE-2022-30333

Created: 2026-02-02 12:27 UTC | Updated: 2026-02-06 07:17 UTC

KEVintel KEV

Known Exploited Vulnerability - GCVE BCP-07 Compliant

KEV entry ID: 09ce4995-c84b-4d50-8e9d-cc889458d072

Vulnerability ID: CVE-2022-30333

Status: Confirmed

Status Updated: 2022-08-09 00:00 UTC

Exploited: Yes

Timestamps

First Seen: 2022-08-09

Asserted: 2022-08-09

Scope

Notes: KEVIntel entry: RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated... | Affected: RARLAB / UnRAR | CVSS: 7.5 (HIGH) | Used in malware: yes | Not yet in CISA KEV: False

Evidence

Type: Public Report

Signal: Confirmed Compromise

Confidence: 70%

Source: kevintel

Details

Feed	KEVIntel (kevintel.com)
Title	RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated...
Vendor	RARLAB
Product	UnRAR
Added Date	2022-08-09T00:00:00.000Z
Cvss Score	7.5
Epss Score	None
Cvss Severity	HIGH
Epss Percentile	None
Used In Malware	yes
Ahead Of Cisa Kev	None
Not Yet In Cisa Kev	False

References

Created: 2026-06-19 12:47 UTC | Updated: 2026-06-19 12:47 UTC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T06:48:35.705Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.rarlab.com/rar_add.htm"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.rarlab.com/rar/rarlinux-x32-612.tar.gz"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://blog.sonarsource.com/zimbra-pre-auth-rce-via-unrar-0day/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/167989/Zimbra-UnRAR-Path-Traversal.html"
          },
          {
            "name": "[debian-lts-announce] 20230817 [SECURITY] [DLA 3534-1] rar security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00022.html"
          },
          {
            "name": "GLSA-202309-04",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202309-04"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2022-30333",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-29T16:18:17.553759Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2022-08-09",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-30333"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-59",
                "description": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          },
          {
            "descriptions": [
              {
                "cweId": "CWE-22",
                "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-21T23:15:40.223Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-30333"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2022-08-09T00:00:00.000Z",
            "value": "CVE-2022-30333 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. NOTE: WinRAR and Android RAR are unaffected."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-09-17T06:06:09.291Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://www.rarlab.com/rar_add.htm"
        },
        {
          "url": "https://www.rarlab.com/rar/rarlinux-x32-612.tar.gz"
        },
        {
          "url": "https://blog.sonarsource.com/zimbra-pre-auth-rce-via-unrar-0day/"
        },
        {
          "url": "http://packetstormsecurity.com/files/167989/Zimbra-UnRAR-Path-Traversal.html"
        },
        {
          "name": "[debian-lts-announce] 20230817 [SECURITY] [DLA 3534-1] rar security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00022.html"
        },
        {
          "name": "GLSA-202309-04",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.gentoo.org/glsa/202309-04"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2022-30333",
    "datePublished": "2022-05-09T00:00:00.000Z",
    "dateReserved": "2022-05-07T00:00:00.000Z",
    "dateUpdated": "2025-10-21T23:15:40.223Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2022-30333",
      "cwes": "[\"CWE-22\", \"CWE-59\"]",
      "dateAdded": "2022-08-09",
      "dueDate": "2022-08-30",
      "knownRansomwareCampaignUse": "Known",
      "notes": "Vulnerability updated with version 6.12. Accessing link will download update information: https://www.rarlab.com/rar/rarlinux-x32-612.tar.gz;  https://nvd.nist.gov/vuln/detail/CVE-2022-30333",
      "product": "UnRAR",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "RARLAB UnRAR on Linux and UNIX contains a directory traversal vulnerability, allowing an attacker to write to files during an extract (unpack) operation.",
      "vendorProject": "RARLAB",
      "vulnerabilityName": "RARLAB UnRAR Directory Traversal Vulnerability"
    },
    "epss": {
      "cve": "CVE-2022-30333",
      "date": "2026-06-19",
      "epss": "0.98975",
      "percentile": "0.99924"
    },
    "fkie_nvd": {
      "cisaActionDue": "2022-08-30",
      "cisaExploitAdd": "2022-08-09",
      "cisaRequiredAction": "Apply updates per vendor instructions.",
      "cisaVulnerabilityName": "RARLAB UnRAR Directory Traversal Vulnerability",
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rarlab:unrar:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"6.12\", \"matchCriteriaId\": \"35D143B1-7FE7-4580-886E-4A54F6AB0CD9\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:opengroup:unix:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6A90CB3A-9BE7-475C-9E75-6ECAD2106302\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. NOTE: WinRAR and Android RAR are unaffected.\"}, {\"lang\": \"es\", \"value\": \"RARLAB UnRAR versiones hasta 6.12, en Linux y UNIX permite un salto de directorio para escribir en los archivos durante una operaci\\u00f3n de extracci\\u00f3n (tambi\\u00e9n se conoce como desempaquetado), como es demostrado creando un archivo ~/.ssh/authorized_keys. NOTA: WinRAR y Android RAR no est\\u00e1n afectados\"}]",
      "id": "CVE-2022-30333",
      "lastModified": "2024-11-21T07:02:36.683",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:P/A:N\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2022-05-09T08:15:06.937",
      "references": "[{\"url\": \"http://packetstormsecurity.com/files/167989/Zimbra-UnRAR-Path-Traversal.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://blog.sonarsource.com/zimbra-pre-auth-rce-via-unrar-0day/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/08/msg00022.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/202309-04\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.rarlab.com/rar/rarlinux-x32-612.tar.gz\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\"]}, {\"url\": \"https://www.rarlab.com/rar_add.htm\", \"source\": \"cve@mitre.org\", \"tags\": [\"Product\"]}, {\"url\": \"http://packetstormsecurity.com/files/167989/Zimbra-UnRAR-Path-Traversal.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://blog.sonarsource.com/zimbra-pre-auth-rce-via-unrar-0day/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/08/msg00022.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/202309-04\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.rarlab.com/rar/rarlinux-x32-612.tar.gz\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://www.rarlab.com/rar_add.htm\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Product\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-22\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2022-30333\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2022-05-09T08:15:06.937\",\"lastModified\":\"2025-11-03T16:20:12.860\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. NOTE: WinRAR and Android RAR are unaffected.\"},{\"lang\":\"es\",\"value\":\"RARLAB UnRAR versiones hasta 6.12, en Linux y UNIX permite un salto de directorio para escribir en los archivos durante una operaci\u00f3n de extracci\u00f3n (tambi\u00e9n se conoce como desempaquetado), como es demostrado creando un archivo ~/.ssh/authorized_keys. NOTA: WinRAR y Android RAR no est\u00e1n afectados\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:P/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"cisaExploitAdd\":\"2022-08-09\",\"cisaActionDue\":\"2022-08-30\",\"cisaRequiredAction\":\"Apply updates per vendor instructions.\",\"cisaVulnerabilityName\":\"RARLAB UnRAR Directory Traversal Vulnerability\",\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-22\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-22\"},{\"lang\":\"en\",\"value\":\"CWE-59\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rarlab:unrar:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.12\",\"matchCriteriaId\":\"35D143B1-7FE7-4580-886E-4A54F6AB0CD9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:opengroup:unix:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A90CB3A-9BE7-475C-9E75-6ECAD2106302\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"}]}]}],\"references\":[{\"url\":\"http://packetstormsecurity.com/files/167989/Zimbra-UnRAR-Path-Traversal.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://blog.sonarsource.com/zimbra-pre-auth-rce-via-unrar-0day/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/08/msg00022.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202309-04\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.rarlab.com/rar/rarlinux-x32-612.tar.gz\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://www.rarlab.com/rar_add.htm\",\"source\":\"cve@mitre.org\",\"tags\":[\"Product\"]},{\"url\":\"http://packetstormsecurity.com/files/167989/Zimbra-UnRAR-Path-Traversal.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://blog.sonarsource.com/zimbra-pre-auth-rce-via-unrar-0day/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/08/msg00022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202309-04\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.rarlab.com/rar/rarlinux-x32-612.tar.gz\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://www.rarlab.com/rar_add.htm\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Product\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-30333\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"US Government Resource\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.rarlab.com/rar_add.htm\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.rarlab.com/rar/rarlinux-x32-612.tar.gz\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://blog.sonarsource.com/zimbra-pre-auth-rce-via-unrar-0day/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/167989/Zimbra-UnRAR-Path-Traversal.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/08/msg00022.html\", \"name\": \"[debian-lts-announce] 20230817 [SECURITY] [DLA 3534-1] rar security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://security.gentoo.org/glsa/202309-04\", \"name\": \"GLSA-202309-04\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T06:48:35.705Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-30333\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-01-29T16:18:17.553759Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2022-08-09\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-30333\"}}}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2022-08-09T00:00:00.000Z\", \"value\": \"CVE-2022-30333 added to CISA KEV\"}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-30333\", \"tags\": [\"government-resource\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-59\", \"description\": \"CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)\"}]}, {\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-22\", \"description\": \"CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-01-29T16:18:10.061Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"references\": [{\"url\": \"https://www.rarlab.com/rar_add.htm\"}, {\"url\": \"https://www.rarlab.com/rar/rarlinux-x32-612.tar.gz\"}, {\"url\": \"https://blog.sonarsource.com/zimbra-pre-auth-rce-via-unrar-0day/\"}, {\"url\": \"http://packetstormsecurity.com/files/167989/Zimbra-UnRAR-Path-Traversal.html\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/08/msg00022.html\", \"name\": \"[debian-lts-announce] 20230817 [SECURITY] [DLA 3534-1] rar security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://security.gentoo.org/glsa/202309-04\", \"name\": \"GLSA-202309-04\", \"tags\": [\"vendor-advisory\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. NOTE: WinRAR and Android RAR are unaffected.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2023-09-17T06:06:09.291Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2022-30333\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-21T23:15:40.223Z\", \"dateReserved\": \"2022-05-07T00:00:00.000Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2022-05-09T00:00:00.000Z\", \"assignerShortName\": \"mitre\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

CERTFR-2022-AVI-551

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans Zimbra. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, un contournement de la politique de sécurité et une atteinte à l'intégrité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Zimbra versions antérieures à 9.0.0 “Kepler” Patch 25
Zimbra versions antérieures à 8.8.15 Patch 32

PS : L'éditeur a identifié des problèmes liés à cette mise à jour de sécurité et recommande de ne pas l'appliquer pour le moment.

Zimbra indique que les problèmes liés à la mise à jour ont été identifiés et qu'il est désormais reommandé d'installer la mise à jour.

De plus, l'éditeur indique avoir corrigé la vulnérabilité CVE-2022-30333 en utilisant le paquet 7zip à la place d'unrar. Les utilisateurs sont invités à désinstaller unrar.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

CERTFR-2022-AVI-551

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Zimbra versions antérieures à 9.0.0 “Kepler” Patch 25
Zimbra versions antérieures à 8.8.15 Patch 32

PS : L'éditeur a identifié des problèmes liés à cette mise à jour de sécurité et recommande de ne pas l'appliquer pour le moment.

Zimbra indique que les problèmes liés à la mise à jour ont été identifiés et qu'il est désormais reommandé d'installer la mise à jour.

De plus, l'éditeur indique avoir corrigé la vulnérabilité CVE-2022-30333 en utilisant le paquet 7zip à la place d'unrar. Les utilisateurs sont invités à désinstaller unrar.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

CNVD-2022-49972

Vulnerability from cnvd - Published: 2022-07-07

Title

RARLAB UnRAR目录遍历漏洞

Description

UnRAR是一个可解压rar后缀文件的命令。 RARLAB UnRAR 6.12 之前版本存在目录遍历漏洞，该漏洞源于在处理目录请求时的路径缺乏有效性检查，攻击者可利用该漏洞在提取（也称为解包）操作期间目录遍历写入文件。

Severity

中

Patch Name

RARLAB UnRAR目录遍历漏洞的补丁

Patch Description

UnRAR是一个可解压rar后缀文件的命令。 RARLAB UnRAR 6.12 之前版本存在目录遍历漏洞，该漏洞源于在处理目录请求时的路径缺乏有效性检查，攻击者可利用该漏洞在提取（也称为解包）操作期间目录遍历写入文件。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://www.rarlab.com/rar/rarlinux-x32-612.tar.gz

Reference

https://www.rarlab.com/rar/rarlinux-x32-612.tar.gz

Impacted products

Name
RARLAB UnRar <6.12

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2022-30333",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2022-30333"
    }
  },
  "description": "UnRAR\u662f\u4e00\u4e2a\u53ef\u89e3\u538brar\u540e\u7f00\u6587\u4ef6\u7684\u547d\u4ee4\u3002\n\nRARLAB UnRAR 6.12 \u4e4b\u524d\u7248\u672c\u5b58\u5728\u76ee\u5f55\u904d\u5386\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u5728\u5904\u7406\u76ee\u5f55\u8bf7\u6c42\u65f6\u7684\u8def\u5f84\u7f3a\u4e4f\u6709\u6548\u6027\u68c0\u67e5\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u63d0\u53d6\uff08\u4e5f\u79f0\u4e3a\u89e3\u5305\uff09\u64cd\u4f5c\u671f\u95f4\u76ee\u5f55\u904d\u5386\u5199\u5165\u6587\u4ef6\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://www.rarlab.com/rar/rarlinux-x32-612.tar.gz",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2022-49972",
  "openTime": "2022-07-07",
  "patchDescription": "UnRAR\u662f\u4e00\u4e2a\u53ef\u89e3\u538brar\u540e\u7f00\u6587\u4ef6\u7684\u547d\u4ee4\u3002\r\n\r\nRARLAB UnRAR 6.12 \u4e4b\u524d\u7248\u672c\u5b58\u5728\u76ee\u5f55\u904d\u5386\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u5728\u5904\u7406\u76ee\u5f55\u8bf7\u6c42\u65f6\u7684\u8def\u5f84\u7f3a\u4e4f\u6709\u6548\u6027\u68c0\u67e5\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u63d0\u53d6\uff08\u4e5f\u79f0\u4e3a\u89e3\u5305\uff09\u64cd\u4f5c\u671f\u95f4\u76ee\u5f55\u904d\u5386\u5199\u5165\u6587\u4ef6\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "RARLAB UnRAR\u76ee\u5f55\u904d\u5386\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "RARLAB UnRar \u003c6.12"
  },
  "referenceLink": "https://www.rarlab.com/rar/rarlinux-x32-612.tar.gz",
  "serverity": "\u4e2d",
  "submitTime": "2022-05-11",
  "title": "RARLAB UnRAR\u76ee\u5f55\u904d\u5386\u6f0f\u6d1e"
}

FKIE_CVE-2022-30333

Vulnerability from fkie_nvd - Published: 2022-05-09 08:15 - Updated: 2026-06-17 04:43

CISA KEV KEVintel KEV

Severity

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Summary

References

URL	Tags
cve@mitre.org	http://packetstormsecurity.com/files/167989/Zimbra-UnRAR-Path-Traversal.html	Exploit, Third Party Advisory, VDB Entry
cve@mitre.org	https://blog.sonarsource.com/zimbra-pre-auth-rce-via-unrar-0day/	Exploit, Third Party Advisory
cve@mitre.org	https://lists.debian.org/debian-lts-announce/2023/08/msg00022.html	Mailing List, Third Party Advisory
cve@mitre.org	https://security.gentoo.org/glsa/202309-04	Third Party Advisory
cve@mitre.org	https://www.rarlab.com/rar/rarlinux-x32-612.tar.gz	Patch
cve@mitre.org	https://www.rarlab.com/rar_add.htm	Product
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/167989/Zimbra-UnRAR-Path-Traversal.html	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://blog.sonarsource.com/zimbra-pre-auth-rce-via-unrar-0day/	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2023/08/msg00022.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://security.gentoo.org/glsa/202309-04	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.rarlab.com/rar/rarlinux-x32-612.tar.gz	Patch
af854a3a-2127-422b-91ae-364da2661108	https://www.rarlab.com/rar_add.htm	Product
134c704f-9b21-4f2e-91b3-4a467353bcc0	https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-30333	US Government Resource

Impacted products

Vendor	Product	Version
rarlab	unrar	*
linux	linux_kernel	-
opengroup	unix	-
debian	debian_linux	10.0

JSON

To clipboard

{
  "affected": [
    {
      "affectedData": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "source": "cve@mitre.org"
    }
  ],
  "cisaActionDue": "2022-08-30",
  "cisaExploitAdd": "2022-08-09",
  "cisaRequiredAction": "Apply updates per vendor instructions.",
  "cisaVulnerabilityName": "RARLAB UnRAR Directory Traversal Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:rarlab:unrar:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "35D143B1-7FE7-4580-886E-4A54F6AB0CD9",
              "versionEndExcluding": "6.12",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:opengroup:unix:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A90CB3A-9BE7-475C-9E75-6ECAD2106302",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. NOTE: WinRAR and Android RAR are unaffected."
    },
    {
      "lang": "es",
      "value": "RARLAB UnRAR versiones hasta 6.12, en Linux y UNIX permite un salto de directorio para escribir en los archivos durante una operaci\u00f3n de extracci\u00f3n (tambi\u00e9n se conoce como desempaquetado), como es demostrado creando un archivo ~/.ssh/authorized_keys. NOTA: WinRAR y Android RAR no est\u00e1n afectados"
    }
  ],
  "id": "CVE-2022-30333",
  "lastModified": "2026-06-17T04:43:31.200",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ],
    "ssvcV203": [
      {
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "ssvcData": {
          "id": "CVE-2022-30333",
          "options": [
            {
              "exploitation": "active"
            },
            {
              "automatable": "yes"
            },
            {
              "technicalImpact": "partial"
            }
          ],
          "role": "CISA Coordinator",
          "timestamp": "2025-01-29T16:18:17.553759Z",
          "version": "2.0.3"
        }
      }
    ]
  },
  "published": "2022-05-09T08:15:06.937",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/167989/Zimbra-UnRAR-Path-Traversal.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://blog.sonarsource.com/zimbra-pre-auth-rce-via-unrar-0day/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00022.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.gentoo.org/glsa/202309-04"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "https://www.rarlab.com/rar/rarlinux-x32-612.tar.gz"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Product"
      ],
      "url": "https://www.rarlab.com/rar_add.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/167989/Zimbra-UnRAR-Path-Traversal.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://blog.sonarsource.com/zimbra-pre-auth-rce-via-unrar-0day/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00022.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.gentoo.org/glsa/202309-04"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://www.rarlab.com/rar/rarlinux-x32-612.tar.gz"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Product"
      ],
      "url": "https://www.rarlab.com/rar_add.htm"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "tags": [
        "US Government Resource"
      ],
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-30333"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        },
        {
          "lang": "en",
          "value": "CWE-59"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

GHSA-H4MR-P94X-GF79

Vulnerability from github – Published: 2022-05-10 00:00 – Updated: 2025-10-22 00:32

Details

Severity

7.5 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2022-30333"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-05-09T08:15:00Z",
    "severity": "HIGH"
  },
  "details": "RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. NOTE: WinRAR and Android RAR are unaffected.",
  "id": "GHSA-h4mr-p94x-gf79",
  "modified": "2025-10-22T00:32:32Z",
  "published": "2022-05-10T00:00:21Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30333"
    },
    {
      "type": "WEB",
      "url": "https://blog.sonarsource.com/zimbra-pre-auth-rce-via-unrar-0day"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00022.html"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202309-04"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-30333"
    },
    {
      "type": "WEB",
      "url": "https://www.rarlab.com/rar/rarlinux-x32-612.tar.gz"
    },
    {
      "type": "WEB",
      "url": "https://www.rarlab.com/rar_add.htm"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/167989/Zimbra-UnRAR-Path-Traversal.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2022-30333

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2022-30333

Aliases

CVE-2022-30333

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2022-30333",
    "description": "RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. NOTE: WinRAR and Android RAR are unaffected.",
    "id": "GSD-2022-30333",
    "references": [
      "https://advisories.mageia.org/CVE-2022-30333.html",
      "https://www.suse.com/security/cve/CVE-2022-30333.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2022-30333"
      ],
      "details": "RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. NOTE: WinRAR and Android RAR are unaffected.",
      "id": "GSD-2022-30333",
      "modified": "2023-12-13T01:19:36.733783Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2022-30333",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. NOTE: WinRAR and Android RAR are unaffected."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.rarlab.com/rar_add.htm",
            "refsource": "MISC",
            "url": "https://www.rarlab.com/rar_add.htm"
          },
          {
            "name": "https://www.rarlab.com/rar/rarlinux-x32-612.tar.gz",
            "refsource": "CONFIRM",
            "url": "https://www.rarlab.com/rar/rarlinux-x32-612.tar.gz"
          },
          {
            "name": "https://blog.sonarsource.com/zimbra-pre-auth-rce-via-unrar-0day/",
            "refsource": "MISC",
            "url": "https://blog.sonarsource.com/zimbra-pre-auth-rce-via-unrar-0day/"
          },
          {
            "name": "http://packetstormsecurity.com/files/167989/Zimbra-UnRAR-Path-Traversal.html",
            "refsource": "MISC",
            "url": "http://packetstormsecurity.com/files/167989/Zimbra-UnRAR-Path-Traversal.html"
          },
          {
            "name": "[debian-lts-announce] 20230817 [SECURITY] [DLA 3534-1] rar security update",
            "refsource": "MLIST",
            "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00022.html"
          },
          {
            "name": "GLSA-202309-04",
            "refsource": "GENTOO",
            "url": "https://security.gentoo.org/glsa/202309-04"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:rarlab:unrar:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "6.12",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:opengroup:unix:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2022-30333"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. NOTE: WinRAR and Android RAR are unaffected."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-22"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.rarlab.com/rar/rarlinux-x32-612.tar.gz",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "https://www.rarlab.com/rar/rarlinux-x32-612.tar.gz"
            },
            {
              "name": "https://www.rarlab.com/rar_add.htm",
              "refsource": "MISC",
              "tags": [
                "Product"
              ],
              "url": "https://www.rarlab.com/rar_add.htm"
            },
            {
              "name": "https://blog.sonarsource.com/zimbra-pre-auth-rce-via-unrar-0day/",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Third Party Advisory"
              ],
              "url": "https://blog.sonarsource.com/zimbra-pre-auth-rce-via-unrar-0day/"
            },
            {
              "name": "http://packetstormsecurity.com/files/167989/Zimbra-UnRAR-Path-Traversal.html",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://packetstormsecurity.com/files/167989/Zimbra-UnRAR-Path-Traversal.html"
            },
            {
              "name": "[debian-lts-announce] 20230817 [SECURITY] [DLA 3534-1] rar security update",
              "refsource": "MLIST",
              "tags": [],
              "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00022.html"
            },
            {
              "name": "GLSA-202309-04",
              "refsource": "GENTOO",
              "tags": [],
              "url": "https://security.gentoo.org/glsa/202309-04"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2023-09-17T07:15Z",
      "publishedDate": "2022-05-09T08:15Z"
    }
  }
}

SUSE-SU-2022:1760-1

Vulnerability from csaf_suse - Published: 2022-05-19 16:03 - Updated: 2022-05-19 16:03

Summary

Security update for unrar

Severity

Moderate

Notes

Title of the patch: Security update for unrar

Description of the patch: This update for unrar fixes the following issues: - CVE-2022-30333: Fixed directory traversal issue that allowed writing to non-designated paths (bsc#1199349).

Patchnames: SUSE-2022-1760,SUSE-SLE-SDK-12-SP5-2022-1760,SUSE-SLE-SERVER-12-SP5-2022-1760

CVE-2022-30333

6.6 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L

Affected products

Recommended 16 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Server 12 SP5:unrar-5.6.1-4.8.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP5:unrar-5.6.1-4.8.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP5:unrar-5.6.1-4.8.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP5:unrar-5.6.1-4.8.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:unrar-5.6.1-4.8.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:unrar-5.6.1-4.8.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:unrar-5.6.1-4.8.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:unrar-5.6.1-4.8.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:libunrar-devel-5.6.1-4.8.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:libunrar-devel-5.6.1-4.8.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:libunrar-devel-5.6.1-4.8.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:libunrar-devel-5.6.1-4.8.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:libunrar5_6_1-5.6.1-4.8.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:libunrar5_6_1-5.6.1-4.8.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:libunrar5_6_1-5.6.1-4.8.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:libunrar5_6_1-5.6.1-4.8.1.x86_64	—	Vendor Fix

Threats

Impact moderate

References

8 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/s…	self
https://www.suse.com/support/update/announcement/…	self
https://lists.suse.com/pipermail/sle-security-upd…	self
https://bugzilla.suse.com/1199349	self
https://www.suse.com/security/cve/CVE-2022-30333/	self
https://www.suse.com/security/cve/CVE-2022-30333	external
https://bugzilla.suse.com/1199349	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for unrar",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for unrar fixes the following issues:\n\n- CVE-2022-30333: Fixed directory traversal issue that allowed writing to non-designated paths (bsc#1199349).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2022-1760,SUSE-SLE-SDK-12-SP5-2022-1760,SUSE-SLE-SERVER-12-SP5-2022-1760",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_1760-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2022:1760-1",
        "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20221760-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2022:1760-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-May/011102.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199349",
        "url": "https://bugzilla.suse.com/1199349"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-30333 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-30333/"
      }
    ],
    "title": "Security update for unrar",
    "tracking": {
      "current_release_date": "2022-05-19T16:03:03Z",
      "generator": {
        "date": "2022-05-19T16:03:03Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2022:1760-1",
      "initial_release_date": "2022-05-19T16:03:03Z",
      "revision_history": [
        {
          "date": "2022-05-19T16:03:03Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libunrar-devel-5.6.1-4.8.1.aarch64",
                "product": {
                  "name": "libunrar-devel-5.6.1-4.8.1.aarch64",
                  "product_id": "libunrar-devel-5.6.1-4.8.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libunrar5_6_1-5.6.1-4.8.1.aarch64",
                "product": {
                  "name": "libunrar5_6_1-5.6.1-4.8.1.aarch64",
                  "product_id": "libunrar5_6_1-5.6.1-4.8.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "unrar-5.6.1-4.8.1.aarch64",
                "product": {
                  "name": "unrar-5.6.1-4.8.1.aarch64",
                  "product_id": "unrar-5.6.1-4.8.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libunrar-devel-5.6.1-4.8.1.i586",
                "product": {
                  "name": "libunrar-devel-5.6.1-4.8.1.i586",
                  "product_id": "libunrar-devel-5.6.1-4.8.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "libunrar5_6_1-5.6.1-4.8.1.i586",
                "product": {
                  "name": "libunrar5_6_1-5.6.1-4.8.1.i586",
                  "product_id": "libunrar5_6_1-5.6.1-4.8.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "unrar-5.6.1-4.8.1.i586",
                "product": {
                  "name": "unrar-5.6.1-4.8.1.i586",
                  "product_id": "unrar-5.6.1-4.8.1.i586"
                }
              }
            ],
            "category": "architecture",
            "name": "i586"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libunrar-devel-5.6.1-4.8.1.ppc64le",
                "product": {
                  "name": "libunrar-devel-5.6.1-4.8.1.ppc64le",
                  "product_id": "libunrar-devel-5.6.1-4.8.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libunrar5_6_1-5.6.1-4.8.1.ppc64le",
                "product": {
                  "name": "libunrar5_6_1-5.6.1-4.8.1.ppc64le",
                  "product_id": "libunrar5_6_1-5.6.1-4.8.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "unrar-5.6.1-4.8.1.ppc64le",
                "product": {
                  "name": "unrar-5.6.1-4.8.1.ppc64le",
                  "product_id": "unrar-5.6.1-4.8.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libunrar-devel-5.6.1-4.8.1.s390",
                "product": {
                  "name": "libunrar-devel-5.6.1-4.8.1.s390",
                  "product_id": "libunrar-devel-5.6.1-4.8.1.s390"
                }
              },
              {
                "category": "product_version",
                "name": "libunrar5_6_1-5.6.1-4.8.1.s390",
                "product": {
                  "name": "libunrar5_6_1-5.6.1-4.8.1.s390",
                  "product_id": "libunrar5_6_1-5.6.1-4.8.1.s390"
                }
              },
              {
                "category": "product_version",
                "name": "unrar-5.6.1-4.8.1.s390",
                "product": {
                  "name": "unrar-5.6.1-4.8.1.s390",
                  "product_id": "unrar-5.6.1-4.8.1.s390"
                }
              }
            ],
            "category": "architecture",
            "name": "s390"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libunrar-devel-5.6.1-4.8.1.s390x",
                "product": {
                  "name": "libunrar-devel-5.6.1-4.8.1.s390x",
                  "product_id": "libunrar-devel-5.6.1-4.8.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libunrar5_6_1-5.6.1-4.8.1.s390x",
                "product": {
                  "name": "libunrar5_6_1-5.6.1-4.8.1.s390x",
                  "product_id": "libunrar5_6_1-5.6.1-4.8.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "unrar-5.6.1-4.8.1.s390x",
                "product": {
                  "name": "unrar-5.6.1-4.8.1.s390x",
                  "product_id": "unrar-5.6.1-4.8.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libunrar-devel-5.6.1-4.8.1.x86_64",
                "product": {
                  "name": "libunrar-devel-5.6.1-4.8.1.x86_64",
                  "product_id": "libunrar-devel-5.6.1-4.8.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libunrar5_6_1-5.6.1-4.8.1.x86_64",
                "product": {
                  "name": "libunrar5_6_1-5.6.1-4.8.1.x86_64",
                  "product_id": "libunrar5_6_1-5.6.1-4.8.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "unrar-5.6.1-4.8.1.x86_64",
                "product": {
                  "name": "unrar-5.6.1-4.8.1.x86_64",
                  "product_id": "unrar-5.6.1-4.8.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Software Development Kit 12 SP5",
                "product": {
                  "name": "SUSE Linux Enterprise Software Development Kit 12 SP5",
                  "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-sdk:12:sp5"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 12 SP5",
                "product": {
                  "name": "SUSE Linux Enterprise Server 12 SP5",
                  "product_id": "SUSE Linux Enterprise Server 12 SP5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles:12:sp5"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
                "product": {
                  "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
                  "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles_sap:12:sp5"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libunrar-devel-5.6.1-4.8.1.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
          "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:libunrar-devel-5.6.1-4.8.1.aarch64"
        },
        "product_reference": "libunrar-devel-5.6.1-4.8.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libunrar-devel-5.6.1-4.8.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
          "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:libunrar-devel-5.6.1-4.8.1.ppc64le"
        },
        "product_reference": "libunrar-devel-5.6.1-4.8.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libunrar-devel-5.6.1-4.8.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
          "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:libunrar-devel-5.6.1-4.8.1.s390x"
        },
        "product_reference": "libunrar-devel-5.6.1-4.8.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libunrar-devel-5.6.1-4.8.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
          "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:libunrar-devel-5.6.1-4.8.1.x86_64"
        },
        "product_reference": "libunrar-devel-5.6.1-4.8.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libunrar5_6_1-5.6.1-4.8.1.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
          "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:libunrar5_6_1-5.6.1-4.8.1.aarch64"
        },
        "product_reference": "libunrar5_6_1-5.6.1-4.8.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libunrar5_6_1-5.6.1-4.8.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
          "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:libunrar5_6_1-5.6.1-4.8.1.ppc64le"
        },
        "product_reference": "libunrar5_6_1-5.6.1-4.8.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libunrar5_6_1-5.6.1-4.8.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
          "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:libunrar5_6_1-5.6.1-4.8.1.s390x"
        },
        "product_reference": "libunrar5_6_1-5.6.1-4.8.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libunrar5_6_1-5.6.1-4.8.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
          "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:libunrar5_6_1-5.6.1-4.8.1.x86_64"
        },
        "product_reference": "libunrar5_6_1-5.6.1-4.8.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "unrar-5.6.1-4.8.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:unrar-5.6.1-4.8.1.aarch64"
        },
        "product_reference": "unrar-5.6.1-4.8.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "unrar-5.6.1-4.8.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:unrar-5.6.1-4.8.1.ppc64le"
        },
        "product_reference": "unrar-5.6.1-4.8.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "unrar-5.6.1-4.8.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:unrar-5.6.1-4.8.1.s390x"
        },
        "product_reference": "unrar-5.6.1-4.8.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "unrar-5.6.1-4.8.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:unrar-5.6.1-4.8.1.x86_64"
        },
        "product_reference": "unrar-5.6.1-4.8.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "unrar-5.6.1-4.8.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:unrar-5.6.1-4.8.1.aarch64"
        },
        "product_reference": "unrar-5.6.1-4.8.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "unrar-5.6.1-4.8.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:unrar-5.6.1-4.8.1.ppc64le"
        },
        "product_reference": "unrar-5.6.1-4.8.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "unrar-5.6.1-4.8.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:unrar-5.6.1-4.8.1.s390x"
        },
        "product_reference": "unrar-5.6.1-4.8.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "unrar-5.6.1-4.8.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:unrar-5.6.1-4.8.1.x86_64"
        },
        "product_reference": "unrar-5.6.1-4.8.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-30333",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-30333"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. NOTE: WinRAR and Android RAR are unaffected.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP5:unrar-5.6.1-4.8.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:unrar-5.6.1-4.8.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:unrar-5.6.1-4.8.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:unrar-5.6.1-4.8.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:unrar-5.6.1-4.8.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:unrar-5.6.1-4.8.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:unrar-5.6.1-4.8.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:unrar-5.6.1-4.8.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:libunrar-devel-5.6.1-4.8.1.aarch64",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:libunrar-devel-5.6.1-4.8.1.ppc64le",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:libunrar-devel-5.6.1-4.8.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:libunrar-devel-5.6.1-4.8.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:libunrar5_6_1-5.6.1-4.8.1.aarch64",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:libunrar5_6_1-5.6.1-4.8.1.ppc64le",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:libunrar5_6_1-5.6.1-4.8.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:libunrar5_6_1-5.6.1-4.8.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-30333",
          "url": "https://www.suse.com/security/cve/CVE-2022-30333"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199349 for CVE-2022-30333",
          "url": "https://bugzilla.suse.com/1199349"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP5:unrar-5.6.1-4.8.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:unrar-5.6.1-4.8.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:unrar-5.6.1-4.8.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:unrar-5.6.1-4.8.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:unrar-5.6.1-4.8.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:unrar-5.6.1-4.8.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:unrar-5.6.1-4.8.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:unrar-5.6.1-4.8.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:libunrar-devel-5.6.1-4.8.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:libunrar-devel-5.6.1-4.8.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:libunrar-devel-5.6.1-4.8.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:libunrar-devel-5.6.1-4.8.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:libunrar5_6_1-5.6.1-4.8.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:libunrar5_6_1-5.6.1-4.8.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:libunrar5_6_1-5.6.1-4.8.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:libunrar5_6_1-5.6.1-4.8.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP5:unrar-5.6.1-4.8.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:unrar-5.6.1-4.8.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:unrar-5.6.1-4.8.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:unrar-5.6.1-4.8.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:unrar-5.6.1-4.8.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:unrar-5.6.1-4.8.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:unrar-5.6.1-4.8.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:unrar-5.6.1-4.8.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:libunrar-devel-5.6.1-4.8.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:libunrar-devel-5.6.1-4.8.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:libunrar-devel-5.6.1-4.8.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:libunrar-devel-5.6.1-4.8.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:libunrar5_6_1-5.6.1-4.8.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:libunrar5_6_1-5.6.1-4.8.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:libunrar5_6_1-5.6.1-4.8.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:libunrar5_6_1-5.6.1-4.8.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-05-19T16:03:03Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-30333"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2022-30333 (GCVE-0-2022-30333)

CISA KEV

Known Exploited Vulnerability - GCVE BCP-07 Compliant

Timestamps

Scope

Evidence

Vendor Report Successful Exploitation Confidence: 80% Source: cisa-kev

Details

References

KEVintel KEV

Known Exploited Vulnerability - GCVE BCP-07 Compliant

Timestamps

Scope

Evidence

Public Report Confirmed Compromise Confidence: 70% Source: kevintel

Details

References

CERTFR-2022-AVI-551

Solution

CERTFR-2022-AVI-551

Solution

CNVD-2022-49972

FKIE_CVE-2022-30333

GHSA-H4MR-P94X-GF79

GSD-2022-30333

SUSE-SU-2022:1760-1

Tags

Sightings

Nomenclature