Lucene search
K

157 matches found

OSV
OSV
added 2023/11/22 11:15 p.m.7 views

AZL-43783 CVE-2023-48107 affecting package minizip 2.10.1-2

Buffer Overflow vulnerability in zlib-ng minizip-ng v.4.0.2 allows an attacker to execute arbitrary code via a crafted file to the mzpathhasslash function in the mzos.c file...

8.8CVSS7.5AI score0.0126EPSS
Exploits1References1
NVD
NVD
added 2023/11/22 11:15 p.m.13 views

CVE-2023-48107

Buffer Overflow vulnerability in zlib-ng minizip-ng v.4.0.2 allows an attacker to execute arbitrary code via a crafted file to the mzpathhasslash function in the mzos.c file...

8.8CVSS0.0126EPSS
Exploits1References5
Prion
Prion
added 2023/11/22 11:15 p.m.19 views

Buffer overflow

Buffer Overflow vulnerability in zlib-ng minizip-ng v.4.0.2 allows an attacker to execute arbitrary code via a crafted file to the mzpathhasslash function in the mzos.c file...

6.8CVSS7.9AI score0.0126EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2023/11/22 6:15 p.m.15 views

CVE-2023-48106

Buffer Overflow vulnerability in zlib-ng minizip-ng v.4.0.2 allows an attacker to execute arbitrary code via a crafted file to the mzpathresolve function in the mzos.c file...

8.8CVSS0.0093EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2023/11/22 6:15 p.m.3 views

CVE-2023-48106

Buffer Overflow vulnerability in zlib-ng minizip-ng v.4.0.2 allows an attacker to execute arbitrary code via a crafted file to the mzpathresolve function in the mzos.c file...

8.8CVSS6.2AI score0.0093EPSS
Exploits1References2
OSV
OSV
added 2023/11/22 6:15 p.m.13 views

CVE-2023-48106

Buffer Overflow vulnerability in zlib-ng minizip-ng v.4.0.2 allows an attacker to execute arbitrary code via a crafted file to the mzpathresolve function in the mzos.c file...

8.8CVSS7.7AI score
Exploits0References1
OSV
OSV
added 2023/11/22 6:15 p.m.7 views

AZL-43840 CVE-2023-48106 affecting package minizip 2.10.1-2

Buffer Overflow vulnerability in zlib-ng minizip-ng v.4.0.2 allows an attacker to execute arbitrary code via a crafted file to the mzpathresolve function in the mzos.c file...

8.8CVSS7.5AI score0.0093EPSS
Exploits1References1
Prion
Prion
added 2023/11/22 6:15 p.m.18 views

Buffer overflow

Buffer Overflow vulnerability in zlib-ng minizip-ng v.4.0.2 allows an attacker to execute arbitrary code via a crafted file to the mzpathresolve function in the mzos.c file...

6.8CVSS8AI score0.0093EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2023/11/22 12:0 a.m.2 views

minizip-ng Security Vulnerabilities

minizip-ng is a zip manipulation library for zlib-ng written in C and supported on Windows, macOS, and Linux. A security vulnerability in zlib-ng minizip-ng version 4.0.2 exists that could allow an attacker to execute arbitrary code via the mzpathresolve function in the mzos.c file...

8.8CVSS7.6AI score0.0093EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/11/22 12:0 a.m.4 views

PT-2023-8864 · Unknown +1 · Minizip-Ng +1

Name of the Vulnerable Software and Affected Versions: minizip-ng version 4.0.2 Description: The issue is related to a Buffer Overflow vulnerability in the mz path has slash function, located in the mz os.c file, which can be exploited by an attacker using a crafted file. This could allow a remot...

10CVSS8.6AI score0.0126EPSS
Exploits2References12
CVE
CVE
added 2023/11/22 12:0 a.m.42 views

CVE-2023-48106

CVE-2023-48106: Buffer overflow in zlib-ng minizip-ng 4.0.2 via mz_path_resolve() in mz_os.c that can allow remote code execution when processing a crafted file. Public details confirm vulnerable component and root cause; exploitation status not provided. Affected software is minizip-ng v4.0.2; C...

8.8CVSS8.8AI score0.0093EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2023/11/22 12:0 a.m.20 views

CVE-2023-48107

Buffer Overflow vulnerability in zlib-ng minizip-ng v.4.0.2 allows an attacker to execute arbitrary code via a crafted file to the mzpathhasslash function in the mzos.c file...

9AI score0.0126EPSS
Exploits1References3
CVE
CVE
added 2023/11/22 12:0 a.m.49 views

CVE-2023-48107

CVE-2023-48107 is a Buffer Overflow in zlib-ng minizip-ng v4.0.2 that allows arbitrary code execution via a crafted file targeting mz_path_has_slash() in mz_os.c. The NVD entry documents a high-severity, network-exploitable issue with a CVSS v3.1 base score of 8.8 (C:H, I:H, A:H; AV:N/AC:L/PR:N/U...

8.8CVSS8.7AI score0.0126EPSS
Exploits1References5Affected Software1
CNNVD
CNNVD
added 2023/11/22 12:0 a.m.3 views

minizip-ng Security Vulnerabilities

minizip-ng is a zip manipulation library for zlib-ng written in C and supported on Windows, macOS, and Linux. A security vulnerability exists in zlib-ng minizip-ng version 4.0.2, which originated from allowing an attacker to execute arbitrary code via the mzpathhasslash function in the mzos.c fil...

8.8CVSS7.7AI score0.0126EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/11/22 12:0 a.m.8 views

PT-2023-8865 · Unknown +1 · Minizip-Ng +1

Name of the Vulnerable Software and Affected Versions: minizip-ng version 4.0.2 Description: The issue is related to a Buffer Overflow in the mz path resolve function, located in the mz os.c file, which can be exploited by an attacker using a crafted file. This could allow a remote attacker to...

10CVSS8.8AI score0.0126EPSS
Exploits2References6
Cvelist
Cvelist
added 2023/11/22 12:0 a.m.21 views

CVE-2023-48106

Buffer Overflow vulnerability in zlib-ng minizip-ng v.4.0.2 allows an attacker to execute arbitrary code via a crafted file to the mzpathresolve function in the mzos.c file...

9AI score0.0093EPSS
Exploits1References1
OSV
OSV
added 2023/11/09 12:55 p.m.7 views

MGASA-2023-0312 Updated zlib packages fix a security vulnerability

The updated packages fix a security vulnerability: MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip464 via a long filename, comment, or extra field. CVE-2023-45853...

9.8CVSS9.8AI score0.02918EPSS
Exploits0References3
Mageia
Mageia
added 2023/11/09 12:55 p.m.100 views

Updated zlib packages fix a security vulnerability

The updated packages fix a security vulnerability: MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip464 via a long filename, comment, or extra field. CVE-2023-45853...

9.8CVSS7.8AI score0.02918EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/11/04 12:0 a.m.24 views

Amazon Linux 2023 : minizip-compat, minizip-compat-devel, zlib (ALAS2023-2023-410)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-410 advisory. MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip464 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part...

9.8CVSS7.4AI score0.02918EPSS
Exploits0References4
Amazon
Amazon
added 2023/11/03 12:0 a.m.6 views

Medium: zlib

Issue Overview: MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip464 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product. CVE-2023-45853 Affected Packages: zlib Issue Correction:...

9.8CVSS8.1AI score0.02918EPSS
Exploits0
Rows per page
Query Builder