View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2018-1000035 severity important: SUSE including 249 source package names (0.23.1-12.3:unzip-6.00-4.3.1, amazon/suse-sles-15-sp1-chost-byos-v20210304-hvm-ssd-x86_64, …), 510 product×package rows across 270 product lines (Container bci/spack, Image SLES12-SP5-Azure-BYOS, … (270 product lines)): Fixed 263, Known Affected 231, Known Not Affected 16.
A heap-based buffer overflow exists in Info-Zip UnZip version <= 6.00 in the processing of password-protected archives that allows an attacker to perform a denial of service or to possibly achieve code execution.