{"id":"AZL-35336","summary":"CVE-2015-7696 affecting package unzip for versions less than 6.0-20","details":"Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly execute arbitrary code via a crafted password-protected ZIP archive, possibly related to an Extra-Field size value.","modified":"2026-04-01T05:12:04.514843Z","published":"2015-11-06T18:59:04Z","upstream":["CVE-2015-7696"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7696"}],"affected":[{"package":{"name":"unzip","ecosystem":"Azure Linux:3","purl":"pkg:rpm/azure-linux/unzip"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.0-20"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-35336.json"}}],"schema_version":"1.7.5"}