app-arch/unzip-6.0_p21-r2 has multiple high severity vulns:
- https://nvd.nist.gov/vuln/detail/CVE-2018-1000035
- https://nvd.nist.gov/vuln/detail/CVE-2019-13232
- https://nvd.nist.gov/vuln/detail/CVE-2014-8141
- https://nvd.nist.gov/vuln/detail/CVE-2014-8139
- https://nvd.nist.gov/vuln/detail/CVE-2014-8140
- https://nvd.nist.gov/vuln/detail/CVE-2014-9636
- https://nvd.nist.gov/vuln/detail/CVE-2014-9913
- https://nvd.nist.gov/vuln/detail/CVE-2015-7696
- https://nvd.nist.gov/vuln/detail/CVE-2015-7697
- https://nvd.nist.gov/vuln/detail/CVE-2016-9844
- https://nvd.nist.gov/vuln/detail/CVE-2018-18384
related GLSA: https://security.gentoo.org/glsa/202003-58
found using https://github.com/mrl5/vulner
example packages depending on unzip:
$ equery depends unzip <REDACTED> app-arch/zip-3.0-r3 (app-arch/unzip) app-emulation/containerd-1.5.5 (app-arch/unzip) app-office/libreoffice-bin-7.3.0.3 (app-arch/unzip) dev-db/sqlite-3.32.3 (app-arch/unzip) dev-python/setuptools-59.7.0 (app-arch/unzip) www-client/firefox-bin-96.0.3 (app-arch/unzip)
- relates to
-
FL-9405 autogen for app-arch/unzip
- Closed