CVE-2021-4217
N/A
N/A
Summary
A flaw was found in unzip. The vulnerability occurs due to improper handling of Unicode strings, which can lead to a null pointer dereference. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | unzip | unzip 6.0 | affected |
Weaknesses
- CWE-476: CWE-476 - NULL Pointer Dereference
ADP Enrichment
CVE Program Container
Additional References
- https://bugs.launchpad.net/ubuntu/+source/unzip/+bug/1957077
- https://bugzilla.redhat.com/show_bug.cgi?id=2044583
- https://access.redhat.com/security/cve/CVE-2021-4217
References
- https://bugs.launchpad.net/ubuntu/+source/unzip/+bug/1957077
- https://bugzilla.redhat.com/show_bug.cgi?id=2044583
- https://access.redhat.com/security/cve/CVE-2021-4217
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.