Lrzip v0.651 was discovered to contain multiple invalid arithmetic shifts via the functions get_magic in lrzip.c and Predictor::init in libzpaq/libzpaq.cpp. These vulnerabilities allow attackers to cause a Denial of Service via unspecified vectors.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Long_range_zip | Long_range_zip_project | 0.651 (including) | 0.651 (including) |