0.004 Low
EPSS
Percentile
73.3%
ZZIPlib is vulnerable to denial of service (DoS) attacks. It is possible that a zip file will cause a bus error due to the loading of a misaligned address in the zzip_disk_findfirst function.
zzip_disk_findfirst
github.com/gdraheim/zziplib/blob/0283ed8eeb494d7fc30d019b53e49490b3e8a6d7/zzip/mmapped.c#L392
github.com/gdraheim/zziplib/issues/15
lists.debian.org/debian-lts-announce/2020/06/msg00029.html
usn.ubuntu.com/3699-1/