323 matches found
EulerOS 2.0 SP10 : deltarpm (EulerOS-SA-2022-2816)
According to the versions of the deltarpm packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - inftrees.h in zlib 1.2.2 allows remote attackers to cause a denial of service (application crash) via an invalid file that causes a large dynami...
K15893: Apache HTTP server vulnerabilities CVE-2014-0117, CVE-2014-0118, CVE-2014-0226, CVE-2014-0231, and CVE-2014-3523
Security Advisory Description CVE-2014-0117 The mod_proxy module in the Apache HTTP Server 2.4.x before 2.4.10, when a reverse proxy is enabled, allows remote attackers to cause a denial of service (child-process crash) via a crafted HTTP Connection header. CVE-2014-0118 The deflate_in_filter function...
GLSA-202210-42 : zlib: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202210-42 zlib: Multiple vulnerabilities - zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches. (CVE-2018-25032) - zlib through 1.2.12 has a heap-based buffer...
Security Bulletin: IBM Content Manager OnDemand for IBM i is affected by a vulnerability CVE-2018-25032
Summary There is a vulnerability in Zlib used by IBM Content Manager OnDemand for IBM i. IBM Content Manager OnDemand for IBM i has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2018-25032 DESCRIPTION: Zlib is vulnerable to a denial of service, caused by a memory corruption in the...
Security Bulletin: IBM App Connect Enterprise & IBM Integration Bus are vulnerable to a denial of service due to zlib (CVE-2018-25032)
Summary IBM App Connect Enterprise & IBM Integration Bus are vulnerable to a denial of service due to zlib. The fix includes zlib 1.2.12. Vulnerability Details CVEID:CVE-2018-25032 DESCRIPTION: Zlib is vulnerable to a denial of service, caused by a memory corruption in the deflate operation. By...
Security Bulletin: IBM MQ is vulnerable to an issue within the Zlib library (CVE-2018-25032)
Summary An issue was identified within the Zlib library that affects IBM MQ. IBM MQ uses Zlib to perform message compression. Vulnerability Details CVEID:CVE-2018-25032 DESCRIPTION: Zlib is vulnerable to a denial of service, caused by a memory corruption in the deflate operation. By using many...
Security Bulletin: A vulnerability in Zlib affects IBM Cloud Application Performance Management Response Time Monitoring Agent (CVE-2018-25032)
Summary A vulnerability in Zlib affects IBM Cloud Application Performance Management Response Time Monitoring Agent and IBM Tivoli Composite Application Manager for Transactions Web Response Time agent. Vulnerability Details CVEID: CVE-2018-25032 DESCRIPTION: Zlib is vulnerable to a denial of...
Security Bulletin: IBM Sterling Connect:Direct for Microsoft Windows is vulnerable to denial of service due to zlib (CVE-2018-25032)
Summary There is a vulnerability in the zlib library used by IBM Sterling Connect:Direct for Microsoft Windows. IBM Sterling Connect:Direct for Microsoft Windows has addressed the applicable issue. Vulnerability Details CVEID: CVE-2018-25032 DESCRIPTION: Zlib is vulnerable to a denial of service,...
Malicious code in bfx-facs-deflate (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a83470951196db37449563f91202247324bc8368f0a415fcd31d45e31bf74342 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-1522 Malicious code in bfx-facs-deflate (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a83470951196db37449563f91202247324bc8368f0a415fcd31d45e31bf74342 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CLSA-2022-1652986558 Fixed CVE-2018-25032 in rsync
CVE-2018-25032: Fix memory corruption when deflating if the input has many distant matches...
CLSA-2022-1652986439 Fix CVE(s): CVE-2018-25032
SECURITY UPDATE: memory corruption when deflating - debian/patches/CVE-2018-25032-1.patch: fix a bug that can crash deflate on some input when using Z_FIXED in deflate.c, deflate.h. - debian/patches/CVE-2018-25032-2.patch: assure that the number of bits for deflatePrime is valid in deflate.c. -...
zlib: A flaw found in zlib when compressing (not decompressing) certain inputs
An out-of-bounds access flaw was found in zlib, which allows memory corruption when deflating (ex: when compressing) if the input has many distant matches. For some rare inputs with a large number of distant matches (crafted payloads), the buffer into which the compressed or deflated data is written...
CLSA-2022-1649170583 Fix CVE(s): CVE-2018-25032
SECURITY UPDATE: memory corruption when deflating - debian/patches/CVE-2018-25032-1.patch: fix a bug that can crash deflate on some input when using Z_FIXED in deflate.c, deflate.h. - debian/patches/CVE-2018-25032-2.patch: assure that the number of bits for deflatePrime is valid in deflate.c. -...
zlib before 1.2.12 allows memory corruption when deflating (i.e. when compressing) if the input has many distant matches.
...
ALPINE-CVE-2018-25032
zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches...
AZL-43753 CVE-2018-25032 affecting package openjpeg2 2.3.1-12
zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches...
AZL-42759 CVE-2018-25032 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1
zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches...
DEBIAN-CVE-2018-25032
zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches...
GHSA-GVCP-948F-8F2P Use of Uninitialized Resource in libp2p-deflate
An issue was discovered in the libp2p-deflate crate before 0.27.1 for Rust. An uninitialized buffer is passed to AsyncRead::poll_read, which is a user-provided trait function...