25 matches found
Siemens SIMATIC S7-1500 and Ruggedcom ROX Devices Out-of-bounds Write (CVE-2022-37434)
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call...
ABB M2M Gateway Heap Overflow in embedded Zlib (CVE-2022-37434)
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call...
RHEL 6 : zlib (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - zlib: integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip46 CVE-2023-45853 -...
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 : klibc vulnerabilities (USN-6736-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6736-1 advisory. It was discovered that zlib, vendored in klibc, incorrectly handled pointer arithmetic. An attack...
Huawei EulerOS: Security Advisory for zlib (EulerOS-SA-2023-2205)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux 2023 : minizip-compat, minizip-compat-devel, zlib (ALAS2023-2023-003)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-003 advisory. An out-of-bounds access flaw was found in zlib, which allows memory corruption when deflating ex: when compressing if the input has many distant matches. For some rare inputs with a large numbe...
EulerOS 2.0 SP10 : binutils (EulerOS-SA-2023-1377)
According to the versions of the binutils package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - zlib before 1.2.12 allows memory corruption when deflating i.e., when compressing if the input has many distant matches. CVE-2018-25032 - zlib...
EulerOS Virtualization 2.9.0 : mariadb-connector-c (EulerOS-SA-2023-1227)
According to the versions of the mariadb-connector-c package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper...
EulerOS 2.0 SP9 : binutils (EulerOS-SA-2023-1118)
According to the versions of the binutils package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - zlib before 1.2.12 allows memory corruption when deflating i.e., when compressing if the input has many distant matches. CVE-2018-25032 - zlib...
Amazon Linux 2022 : zlib (ALAS2022-2022-252)
The version of zlib installed on the remote host is prior to 1.2.11-33. It is, therefore, affected by a vulnerability as referenced in the ALAS2022-2022-252 advisory. - zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra...
zlib: heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field
A security vulnerability was found in zlib. The flaw triggered a heap-based buffer in inflate in the inflate.c function via a large gzip header extra field. This flaw is only applicable in the call inflateGetHeader...
zlib: heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field
A security vulnerability was found in zlib. The flaw triggered a heap-based buffer in inflate in the inflate.c function via a large gzip header extra field. This flaw is only applicable in the call inflateGetHeader...
zlib: heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field
A security vulnerability was found in zlib. The flaw triggered a heap-based buffer in inflate in the inflate.c function via a large gzip header extra field. This flaw is only applicable in the call inflateGetHeader...
FreeBSD-SA-22:13.zlib
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-22:13.zlib Security Advisory The FreeBSD Project Topic: zlib heap buffer overflow Category: contrib Module: zlib Announced: 2022-08-30 Credits: Evgeny Legerov o...
SUSE SLES12 Security Update : zlib (SUSE-SU-2022:2846-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:2846-1 advisory. - zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE...
Buffer Overflow
Overview Affected versions of this package are vulnerable to Buffer Overflow in inflate.c via a large gzip header extra field. Note: only applications that call inflateGetHeader are affected. Remediation Upgrade zlib to version 1.2.13 or higher. References - GitHub Commit - Vulnerable Code...
AZL-44358 CVE-2022-37434 affecting package deltarpm 3.6.5-2
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call...
AZL-42760 CVE-2022-37434 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call...
AZL-43906 CVE-2022-37434 affecting package ogdi 4.1.0-9
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call...
AZL-44991 CVE-2022-37434 affecting package fltk 1.3.8-1
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call...