157 matches found
AZL-43783 CVE-2023-48107 affecting package minizip 2.10.1-2
Buffer Overflow vulnerability in zlib-ng minizip-ng v.4.0.2 allows an attacker to execute arbitrary code via a crafted file to the mzpathhasslash function in the mzos.c file...
CVE-2023-48107
Buffer Overflow vulnerability in zlib-ng minizip-ng v.4.0.2 allows an attacker to execute arbitrary code via a crafted file to the mzpathhasslash function in the mzos.c file...
Buffer overflow
Buffer Overflow vulnerability in zlib-ng minizip-ng v.4.0.2 allows an attacker to execute arbitrary code via a crafted file to the mzpathhasslash function in the mzos.c file...
CVE-2023-48106
Buffer Overflow vulnerability in zlib-ng minizip-ng v.4.0.2 allows an attacker to execute arbitrary code via a crafted file to the mzpathresolve function in the mzos.c file...
CVE-2023-48106
Buffer Overflow vulnerability in zlib-ng minizip-ng v.4.0.2 allows an attacker to execute arbitrary code via a crafted file to the mzpathresolve function in the mzos.c file...
CVE-2023-48106
Buffer Overflow vulnerability in zlib-ng minizip-ng v.4.0.2 allows an attacker to execute arbitrary code via a crafted file to the mzpathresolve function in the mzos.c file...
AZL-43840 CVE-2023-48106 affecting package minizip 2.10.1-2
Buffer Overflow vulnerability in zlib-ng minizip-ng v.4.0.2 allows an attacker to execute arbitrary code via a crafted file to the mzpathresolve function in the mzos.c file...
Buffer overflow
Buffer Overflow vulnerability in zlib-ng minizip-ng v.4.0.2 allows an attacker to execute arbitrary code via a crafted file to the mzpathresolve function in the mzos.c file...
minizip-ng Security Vulnerabilities
minizip-ng is a zip manipulation library for zlib-ng written in C and supported on Windows, macOS, and Linux. A security vulnerability in zlib-ng minizip-ng version 4.0.2 exists that could allow an attacker to execute arbitrary code via the mzpathresolve function in the mzos.c file...
PT-2023-8864 · Unknown +1 · Minizip-Ng +1
Name of the Vulnerable Software and Affected Versions: minizip-ng version 4.0.2 Description: The issue is related to a Buffer Overflow vulnerability in the mz path has slash function, located in the mz os.c file, which can be exploited by an attacker using a crafted file. This could allow a remot...
CVE-2023-48106
CVE-2023-48106: Buffer overflow in zlib-ng minizip-ng 4.0.2 via mz_path_resolve() in mz_os.c that can allow remote code execution when processing a crafted file. Public details confirm vulnerable component and root cause; exploitation status not provided. Affected software is minizip-ng v4.0.2; C...
CVE-2023-48107
Buffer Overflow vulnerability in zlib-ng minizip-ng v.4.0.2 allows an attacker to execute arbitrary code via a crafted file to the mzpathhasslash function in the mzos.c file...
CVE-2023-48107
CVE-2023-48107 is a Buffer Overflow in zlib-ng minizip-ng v4.0.2 that allows arbitrary code execution via a crafted file targeting mz_path_has_slash() in mz_os.c. The NVD entry documents a high-severity, network-exploitable issue with a CVSS v3.1 base score of 8.8 (C:H, I:H, A:H; AV:N/AC:L/PR:N/U...
minizip-ng Security Vulnerabilities
minizip-ng is a zip manipulation library for zlib-ng written in C and supported on Windows, macOS, and Linux. A security vulnerability exists in zlib-ng minizip-ng version 4.0.2, which originated from allowing an attacker to execute arbitrary code via the mzpathhasslash function in the mzos.c fil...
PT-2023-8865 · Unknown +1 · Minizip-Ng +1
Name of the Vulnerable Software and Affected Versions: minizip-ng version 4.0.2 Description: The issue is related to a Buffer Overflow in the mz path resolve function, located in the mz os.c file, which can be exploited by an attacker using a crafted file. This could allow a remote attacker to...
CVE-2023-48106
Buffer Overflow vulnerability in zlib-ng minizip-ng v.4.0.2 allows an attacker to execute arbitrary code via a crafted file to the mzpathresolve function in the mzos.c file...
MGASA-2023-0312 Updated zlib packages fix a security vulnerability
The updated packages fix a security vulnerability: MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip464 via a long filename, comment, or extra field. CVE-2023-45853...
Updated zlib packages fix a security vulnerability
The updated packages fix a security vulnerability: MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip464 via a long filename, comment, or extra field. CVE-2023-45853...
Amazon Linux 2023 : minizip-compat, minizip-compat-devel, zlib (ALAS2023-2023-410)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-410 advisory. MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip464 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part...
Medium: zlib
Issue Overview: MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip464 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product. CVE-2023-45853 Affected Packages: zlib Issue Correction:...