Aggregates CVE and security vulnerability intelligence across all long_range_zip_project-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk memory corruption and vendor risk buffer overflow and related problems; some flaws may lead to vendor impact application crash.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2017-8844 | The read_1g function in stream.c in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted archive. | [email protected] | 7.8 | 0.36% | 2017-05-08 | 2026-05-13 |
| CVE-2017-8843 | The join_pthread function in stream.c in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted archive. | [email protected] | 5.5 | 0.20% | 2017-05-08 | 2026-05-13 |
| CVE-2017-8842 | The bufRead::get() function in libzpaq/libzpaq.h in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted archive. | [email protected] | 5.5 | 0.20% | 2017-05-08 | 2026-05-13 |