Vulnerabilities (CVE)

Filtered by vendor Rarzilla Subscribe
Filtered by product Unrar-free
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-11190 1 Rarzilla 1 Unrar-free 2024-11-21 6.8 MEDIUM 7.8 HIGH
unrarlib.c in unrar-free 0.0.1, when _DEBUG_LOG mode is enabled, might allow remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via an RAR archive containing a long filename.
CVE-2017-11189 1 Rarzilla 1 Unrar-free 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
unrarlib.c in unrar-free 0.0.1 might allow remote attackers to cause a denial of service (NULL pointer dereference and application crash), which could be relevant if unrarlib is used as library code for a long-running application. NOTE: one of the several test cases in the references may be the same as what was separately reported as CVE-2017-14121.