2 matches found
Improper Input Validation
Overview Affected versions of this package are vulnerable to Improper Input Validation via the crc32big function, which clones from zlib but did not receive the security patch. An attacker can cause unintended behavior or potentially compromise data integrity by exploiting improper handling of...
zlib: Big-endian out-of-bounds pointer
The crc32big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation...