From 42dc2cb516be8cbca3380e457dc2f788f3367b6d Mon Sep 17 00:00:00 2001
From: world lee <lisj2019@buaa.edu.cn>
Date: Thu, 16 Mar 2023 09:57:16 +0000
Subject: [PATCH] add cve/unzip/2022/yaml/CVE-2022-0529.yaml.

Signed-off-by: world lee <lisj2019@buaa.edu.cn>
---
 cve/unzip/2022/yaml/CVE-2022-0529.yaml | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
 create mode 100644 cve/unzip/2022/yaml/CVE-2022-0529.yaml

diff --git a/cve/unzip/2022/yaml/CVE-2022-0529.yaml b/cve/unzip/2022/yaml/CVE-2022-0529.yaml
new file mode 100644
index 00000000..87564b31
--- /dev/null
+++ b/cve/unzip/2022/yaml/CVE-2022-0529.yaml
@@ -0,0 +1,20 @@
+id: CVE-2022-0529
+source: https://github.com/nanaao/unzip_poc/tree/main/CVE-2022-0529
+info:
+  name: 
+  Linux unzip命令用于解压缩zip文件。unzip为.zip压缩文件的解压缩程序。
+  severity: MEDIUM
+  description: 
+    A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution.
+  scope-of-influence:
+    unzip Up to (excluding) 6.0-r11
+  reference:
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-0529
+  classification:
+    cvss-metrics:  CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
+    cvss-score: 5.5 
+    cve-id: CVE-2022-0529
+    cwe-id: CWE-787
+    cnvd-id: None
+    kve-id: None
+  tags: CVE-2022, unzip
\ No newline at end of file