zlib 1.1.4

CPE Details

zlib 1.1.4
zlib
zlib
1.1.4
2019-01-08
17h03 +00:00
2022-06-22
14h40 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:zlib:zlib:1.1.4:*:*:*:*:*:*:*

Informations

Vendor

zlib

Product

zlib

Version

1.1.4

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2023-45853 2023-10-13 22h00 +00:00 MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product. NOTE: pyminizip through 0.2.6 is also vulnerable because it bundles an affected zlib version, and exposes the applicable MiniZip code through its compress API.
9.8
Critical
CVE-2022-37434 2022-08-05 00h00 +00:00 zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).
9.8
Critical
CVE-2018-25032 2022-03-24 23h00 +00:00 zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.
7.5
High
CVE-2003-0107 2004-09-01 02h00 +00:00 Buffer overflow in the gzprintf function in zlib 1.1.4, when zlib is compiled without vsnprintf or when long inputs are truncated using vsnprintf, allows attackers to cause a denial of service or possibly execute arbitrary code.
7.5