Lucene search
HistoryNov 22, 2023 - 11:15 p.m.
CVE-2023-48107
cve-2023-48107
buffer overflow
zlib-ng
minizip-ng
v.4.0.2
nvd
security vulnerability
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.7 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
40.0%
Buffer Overflow vulnerability in zlib-ng minizip-ng v.4.0.2 allows an attacker to execute arbitrary code via a crafted file to the mz_path_has_slash function in the mz_os.c file.
Affected configurations
Node
zlib-ngminizip-ngMatch4.0.2
| CPE | Name | Operator | Version |
|---|---|---|---|
| zlib-ng:minizip-ng | zlib-ng minizip-ng | eq | 4.0.2 |
Related
nvd
nvd
CVE-2023-48107
2023-11-22 23:15:10
nessus
nessus
Fedora 39 : minizip-ng (2023-5aa1ebc5e9)
2023-12-26 00:00:00
Fedora 38 : minizip-ng (2023-2ca76c3aae)
2023-12-26 00:00:00
fedora
fedora
[SECURITY] Fedora 39 Update: minizip-ng-3.0.7-5.fc39
2023-12-27 01:30:14
[SECURITY] Fedora 38 Update: minizip-ng-3.0.7-4.fc38
2023-12-27 03:17:51
openvas
openvas
Fedora: Security Advisory for minizip-ng (FEDORA-2023-2ca76c3aae)
2023-12-28 00:00:00
Fedora: Security Advisory for minizip-ng (FEDORA-2023-5aa1ebc5e9)
2023-12-27 00:00:00
cvelist
cvelist
CVE-2023-48107
2023-11-22 00:00:00
osv
osv
CVE-2023-48107
2023-11-22 23:15:10
prion
prion
Buffer overflow
2023-11-22 23:15:00
redos
redos
ROS-20240328-13
2024-03-28 00:00:00
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.7 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
40.0%
Related for CVE-2023-48107