RARLAB

Rar

3 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Medienbericht
  • EPSS 0.31%
  • Veröffentlicht 01.07.2026 02:41:39
  • Zuletzt bearbeitet 09.07.2026 06:16:18

An out-of-bounds heap write exists in the RAR5 recovery-volume (.rev) parser in WinRAR and UnRAR (RecVolumes5::ReadHeader in recvol5.cpp). The RecItems vector is sized only when the first .rev file in a set is processed; subsequent .rev files supply ...

Exploit
  • EPSS 0.55%
  • Veröffentlicht 05.12.2025 22:32:05
  • Zuletzt bearbeitet 29.04.2026 01:00:01

A security vulnerability has been detected in Rarlab RAR App up to 7.11 Build 127 on Android. This affects an unknown part of the component com.rarlab.rar. Such manipulation leads to path traversal. It is possible to launch the attack remotely. Attac...

Exploit
  • EPSS 1.77%
  • Veröffentlicht 04.06.2017 23:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Directory Traversal exists in RAR 4.x and 5.x because an unpack operation follows any symlinks, including symlinks contained in the archive. This allows remote attackers to write to arbitrary files via a crafted archive.