William Robinet discovered that unzip incorrectly handled certain malformed zip archives. If a user or automated system were tricked into processing a specially crafted zip archive, an attacker could possibly execute arbitrary code.
{ "availability": "No subscription required", "binaries": [ { "binary_name": "unzip", "binary_version": "6.0-9ubuntu1.3" } ] }
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-2502-1.json"
{ "ecosystem": "Ubuntu:14.04:LTS", "cves": [ { "severity": [ { "score": "medium", "type": "Ubuntu" } ], "id": "CVE-2015-1315" } ] }