0.002 Low
EPSS
Percentile
59.6%
Zziplib is vulnerable to denial of service (DoS) attacks.The application does not contains a uncontrolled memory allocation, allowing a malicious user to pass a zip file to the application to cause memory consumption and crash the application.
www.securityfocus.com/bid/103050
github.com/gdraheim/zziplib/blob/v0.13.62/zzip/zip.c#L414
github.com/gdraheim/zziplib/issues/22
lists.debian.org/debian-lts-announce/2018/02/msg00022.html
lists.debian.org/debian-lts-announce/2020/06/msg00029.html
usn.ubuntu.com/3699-1/