CVE-2018-6381
Software
zziplib
Reported version
0.13.67
Cmd
unzip-mem $FILE
Description
We get the reference PoC(gdraheim/zziplib#12) from links provided in https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6381
We manually prove the existence of this vulnerability on versions (0.13.67, 0.13.66, 0.13.65, 0.13.64, 0.13.63), while the reference PoC fails to trigger it on these versions.
We provide PoCs works for these versions.