zlib 1.2.0.1

CPE Details

zlib 1.2.0.1
zlib
zlib
1.2.0.1
2019-01-08
17h03 +00:00
2019-01-08
17h03 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:zlib:zlib:1.2.0.1:*:*:*:*:*:*:*

Informations

Vendor

zlib

Product

zlib

Version

1.2.0.1

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2023-45853 2023-10-13 22h00 +00:00 MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product. NOTE: pyminizip through 0.2.6 is also vulnerable because it bundles an affected zlib version, and exposes the applicable MiniZip code through its compress API.
9.8
Critique
CVE-2022-37434 2022-08-05 00h00 +00:00 zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).
9.8
Critique
CVE-2018-25032 2022-03-24 23h00 +00:00 zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.
7.5
Haute
CVE-2016-9841 2017-05-23 01h56 +00:00 inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
9.8
Critique
CVE-2016-9843 2017-05-23 01h56 +00:00 The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.
9.8
Critique