Lucene search
K

157 matches found

Tenable Nessus
Tenable Nessus
added 2023/11/02 12:0 a.m.72 views

Amazon Linux 2 : zlib (ALAS-2023-2320)

The version of zlib installed on the remote host is prior to 1.2.7-19. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2320 advisory. MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip464 via a long...

9.8CVSS7.5AI score0.02918EPSS
Exploits0References4
Amazon
Amazon
added 2023/11/01 12:0 a.m.40 views

Medium: zlib

Issue Overview: MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip464 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product. CVE-2023-45853 Affected Packages: zlib Note: This advisor...

9.8CVSS8.2AI score0.02918EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/10/27 12:0 a.m.17 views

SUSE SLES12: libz1 / libz1-32bit / zlib-devel / zlib-devel-32bit / etc (SUSE-SU-2023:4216-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:4216-1 advisory. - CVE-2023-45853: Fixed an integer overflow that would lead to a buffer overflow in the minizip subcomponent bsc1216378. Tenable has extract...

9.8CVSS7.1AI score0.02918EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/10/27 12:0 a.m.32 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : zlib (SUSE-SU-2023:4217-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:4217-1 advisory. - MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in...

9.8CVSS7.5AI score0.02918EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2023/10/25 12:0 a.m.6 views

The vulnerability of the zipOpenNewFileInZip4_64() function in the MiniZip package from the zlib library allows a attacker to compromise the integrity, accessibility, and confidentiality of the protected information.

The vulnerability of the zipOpenNewFileInZip464 function in the MiniZip package from the zlib library is related to integer overflow when processing file name lengths. Exploiting this vulnerability could allow an attacker to compromise the integrity, accessibility, and confidentiality of the...

10CVSS6.9AI score0.02918EPSS
Exploits0References15Affected Software7
CloudLinux
CloudLinux
added 2023/10/24 8:53 p.m.283 views

zlib: Fix of CVE-2023-45853

CVE-2023-45853: Reject overflows of zip header fields in minizip...

9.8CVSS6.6AI score0.02918EPSS
Exploits0
OSV
OSV
added 2023/10/24 8:53 p.m.10 views

CLSA-2023-1698180806 zlib: Fix of CVE-2023-45853

CVE-2023-45853: Reject overflows of zip header fields in minizip...

9.8CVSS6.8AI score0.02918EPSS
Exploits0References1
OSV
OSV
added 2023/10/24 8:45 p.m.7 views

CLSA-2023-1698180296 zlib: Fix of CVE-2023-45853

CVE-2023-45853: Reject overflows of zip header fields in minizip...

9.8CVSS6.8AI score0.02918EPSS
Exploits0References1
OSV
OSV
added 2023/10/24 8:41 p.m.8 views

CLSA-2023-1698180079 zlib: Fix of CVE-2023-45853

CVE-2023-45853: Reject overflows of zip header fields in minizip...

9.8CVSS6.8AI score0.02918EPSS
Exploits0References1
OSV
OSV
added 2023/10/24 8:37 p.m.8 views

CLSA-2023-1698179874 zlib: Fix of CVE-2023-45853

CVE-2023-45853: Reject overflows of zip header fields in minizip...

9.8CVSS7.1AI score0.02918EPSS
Exploits0References1
OSV
OSV
added 2023/10/24 8:35 p.m.7 views

CLSA-2023-1698179730 zlib: Fix of CVE-2023-45853

CVE-2023-45853: Reject overflows of zip header fields in minizip...

9.8CVSS6.8AI score0.02918EPSS
Exploits0References1
OSV
OSV
added 2023/10/24 8:33 p.m.10 views

CLSA-2023-1698179598 Fix CVE(s): CVE-2023-45853

SECURITY UPDATE: Reject overflows of zip header fields in minizip - debian/patches/CVE-2023-45853.patch: Check length of comment, filename and extra field in zipOpenNewFileInZip464 - CVE-2023-45853...

9.8CVSS6.8AI score0.02918EPSS
Exploits0References1
OSV
OSV
added 2023/10/24 8:27 p.m.6 views

CLSA-2023-1698179235 Fix CVE(s): CVE-2023-45853

SECURITY UPDATE: Reject overflows of zip header fields in minizip - debian/patches/CVE-2023-45853.patch: Check length of comment, filename and extra field in zipOpenNewFileInZip464 - CVE-2023-45853...

9.8CVSS7.1AI score0.02918EPSS
Exploits0References1
OSV
OSV
added 2023/10/20 11:6 a.m.4 views

OESA-2023-1751 zlib security update

Zlib is a free, general-purpose, not covered by any patents, lossless data-compression library for use on virtually any computer hardware and operating system. The zlib data format is itself portable across platforms. Security Fixes: MiniZip in zlib through 1.3 has an integer overflow and resulta...

9.8CVSS8.9AI score0.02918EPSS
Exploits0References2
Redos
Redos
added 2023/10/20 12:0 a.m.34 views

ROS-20231020-01

A vulnerability in the MiniZip component of the zlib library is related to an integer overflow and resulting heap-based buffer overflow in zipOpenNewFileInZip464 via long filename, comment or additional field. Exploitation of the vulnerability could allow an attacker acting remotely to cause a...

9.8CVSS7.4AI score0.02918EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/10/19 12:59 a.m.4 views

SUSE CVE-2023-45853

MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip464 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product. NOTE: pyminizip through 0.2.6 is also vulnerable because it bundles an...

5.3CVSS8.9AI score0.02918EPSS
Exploits0References77
RedhatCVE
RedhatCVE
added 2023/10/16 11:57 p.m.197 views

CVE-2023-45853

A flaw was found in the MiniZip component of the zlib package. When opening a new file, MiniZip doesn't properly validate the filename, comments, or extra fields length against the data type used to store this information. This may allow an attacker to craft a malicious ZIP file that will lead to...

5.3CVSS9.7AI score0.02918EPSS
Exploits0References3
OSV
OSV
added 2023/10/14 3:31 a.m.4 views

GHSA-MQ29-J5XF-CJWR pyminizip affected by zlib's integer overflow/heap based buffer overflow vulnerability due to vulnerable dependency

MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip464 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product. pyminizip uses version 1.2.11 of zlib's code...

9.8CVSS7.4AI score0.02918EPSS
Exploits0References15
OSV
OSV
added 2023/10/14 2:15 a.m.5 views

AZL-35400 CVE-2023-45853 affecting package zlib for versions less than 1.3.1-1

MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip464 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product. NOTE: pyminizip through 0.2.6 is also vulnerable because it bundles an...

9.8CVSS7.1AI score0.02918EPSS
Exploits0References1
OSV
OSV
added 2023/10/14 2:15 a.m.6 views

AZL-33350 CVE-2023-45853 affecting package rubygem-mini_portile2 for versions less than 2.8.0-1

MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip464 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product. NOTE: pyminizip through 0.2.6 is also vulnerable because it bundles an...

9.8CVSS7.1AI score0.02918EPSS
Exploits0References1
Rows per page
Query Builder