70 matches found
Astra Linux - vulnerability in zlib, libz-mingw-w64
Zlib versions up to 1.2.12 have a heap-based buffer over-read or buffer overflow issue in the inflate function within inflate.c, due to a large gzip header extra field. NOTE: Only applications that call inflateGetHeader are affected. Some common applications bundle the affected Zlib source code,...
JLSEC-2026-478
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call...
CVE-2026-35465 SecureDrop Client has path injection in read_gzip_header_filename()
SecureDrop Client is a desktop app for journalists to securely communicate with sources and handle submissions on the SecureDrop Workstation. In versions 0.17.4 and below, a compromised SecureDrop Server can achieve code execution on the Client's virtual machine sd-app by exploiting improper...
MiracleLinux 7 : zlib-1.2.7-21.el7 (AXSA:2023-5213:04)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5213:04 advisory. zlib: heap-based buffer over-read and overflow in inflate in inflate.c via a large gzip header extra field CVE-2022-37434 Tenable has extracted the preceding...
MiracleLinux 9 : zlib-1.2.11-32.el9 (AXSA:2023-5086:03)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5086:03 advisory. zlib: a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field CVE-2022-37434 Tenable has extracted the...
MiracleLinux 9 : rsync-3.2.3-18.el9 (AXSA:2023-4603:01)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-4603:01 advisory. zlib: heap-based buffer over-read and overflow in inflate in inflate.c via a large gzip header extra field CVE-2022-37434 Tenable has extracted the preceding...
Siemens SIMATIC S7-1500 and Ruggedcom ROX Devices Out-of-bounds Write (CVE-2022-37434)
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call...
TencentOS Server 2: zlib (TSSA-2023:0038)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0038 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...
CBL Mariner 2.0 Security Update: cloud-hypervisor-cvm / crash / teckit / zlib (CVE-2022-37434)
The version of cloud-hypervisor-cvm / crash / teckit / zlib installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-37434 advisory. - zlib through 1.2.12 has a heap-based buffer over-read or buffer overfl...
zlib: heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field
A security vulnerability was found in zlib. The flaw triggered a heap-based buffer in inflate in the inflate.c function via a large gzip header extra field. This flaw is only applicable in the call inflateGetHeader...
CLSA-2023-1699380056 rsync: Fix of 2 CVEs
CVE-2018-25032: fix a bug that can crash deflate on some input when using Z_FIXED - CVE-2022-37434: fix zlib bug with a large gzip header extra field...
CentOS 7 : zlib (RHSA-2023:1095)
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1095 advisory. - zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications...
minizip, zlib security update
CentOS Errata and Security Advisory CESA-2023:1095 An update for zlib is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...
K67213091: Zlib vulnerability CVE-2022-37434
Security Advisory Description zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but ma...
SUSE CVE-2022-37434
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call...
EulerOS 2.0 SP10 : binutils (EulerOS-SA-2023-1349)
According to the versions of the binutils package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches. CVE-2018-25032 - zlib...
EulerOS Virtualization 2.9.1 : zlib (EulerOS-SA-2023-1211)
According to the versions of the zlib package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field...
EulerOS 2.0 SP9 : binutils (EulerOS-SA-2023-1118)
According to the versions of the binutils package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches. CVE-2018-25032 - zlib...
Huawei EulerOS: Security Advisory for zlib (EulerOS-SA-2022-2924)
The remote host is missing an update for the Huawei EulerOS...
EulerOS Virtualization 2.10.1 : zlib (EulerOS-SA-2022-2950)
According to the versions of the zlib package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field...