GNU Libextractor through 1.7 has an out-of-bounds read vulnerability in EXTRACTORzipextractmethod() in zipextractor.c.
{ "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro", "binaries": [ { "binary_name": "extract", "binary_version": "1:1.3-1ubuntu0.1~esm1" }, { "binary_name": "libextractor-dev", "binary_version": "1:1.3-1ubuntu0.1~esm1" }, { "binary_name": "libextractor3", "binary_version": "1:1.3-1ubuntu0.1~esm1" } ] }
{ "availability": "No subscription required", "binaries": [ { "binary_name": "extract", "binary_version": "1:1.3-4+deb9u3build0.16.04.1" }, { "binary_name": "libextractor-dev", "binary_version": "1:1.3-4+deb9u3build0.16.04.1" }, { "binary_name": "libextractor3", "binary_version": "1:1.3-4+deb9u3build0.16.04.1" } ] }