CVE-2022-0529

MEDIUM

Unzip - Heap-Based Buffer Overflow via Crafted Zip File

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2022-0529. PoCs published by ByteHackr, nanaao, bytehackr.

AI-analyzed exploit summary This PoC demonstrates a heap out-of-bounds write/read vulnerability in unzip (CVE-2022-0529) during wide string to local string conversion. The exploit triggers memory corruption via a crafted zip archive, leading to potential DoS or further exploitation.

Description

A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution.

Exploits (3)

nomisec WORKING POC 3 stars
by ByteHackr · poc
https://github.com/ByteHackr/unzip_poc

This PoC demonstrates a heap out-of-bounds write/read vulnerability in unzip (CVE-2022-0529) during wide string to local string conversion. The exploit triggers memory corruption via a crafted zip archive, leading to potential DoS or further exploitation.

Classification
Working Poc 95%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: unzip 6.0
No auth needed
Prerequisites: Crafted zip archive with malicious wide string entries
devstral-2 · analyzed Feb 16, 2026 Full analysis →
nomisec WORKING POC 2 stars
by nanaao · poc
https://github.com/nanaao/unzip_poc

This PoC demonstrates a heap out-of-bounds write/read vulnerability in unzip (CVE-2022-0529) during wide string to local string conversion. The exploit triggers memory corruption via a malformed ZIP archive, leading to potential DoS or further exploitation.

Classification
Working Poc 95%
Attack Type
Dos
Complexity
Moderate
Reliability
Reliable
Target: unzip 6.0-53.fc35
No auth needed
Prerequisites: malformed ZIP archive · unzip binary
devstral-2 · analyzed Feb 16, 2026 Full analysis →
gitlab WORKING POC
by bytehackr · poc
https://gitlab.com/bytehackr/unzip_poc

This repository contains functional exploit scripts for CVE-2022-0529 and CVE-2022-0530, which are segmentation fault vulnerabilities in unzip 6.0. The scripts use Docker to reproduce the crash with valgrind, demonstrating the vulnerability.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Moderate
Reliability
Reliable
Target: unzip 6.0
No auth needed
Prerequisites: Docker · testcase file
devstral-2 · analyzed Feb 23, 2026 Full analysis →

References (5)

Core 5
Core References
Issue Tracking, Third Party Advisory x_refsource_misc
https://bugzilla.redhat.com/show_bug.cgi?id=2051395
Exploit, Third Party Advisory x_refsource_misc
https://github.com/ByteHackr/unzip_poc
Third Party Advisory vendor-advisory x_refsource_debian
https://www.debian.org/security/2022/dsa-5202
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2022/09/msg00028.html

Scores

CVSS v3 5.5
EPSS 0.0242
EPSS Percentile 82.0%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Details

CWE
CWE-787
Status published
Products (5)
debian/debian_linux 10.0
debian/debian_linux 11.0
fedoraproject/fedora 35
redhat/enterprise_linux 8.0
unzip_project/unzip 6.0
Published Feb 09, 2022
Tracked Since Feb 18, 2026