46 matches found
JLSEC-2026-479
MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product. NOTE: pyminizip through 0.2.6 is also vulnerable because it bundles an...
MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64
MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product. NOTE: pyminizip through 0.2.6 is also vulnerable because it bundles an...
GHSA-Q5FM-55C2-V6J9 Fiona affected by CVE-2023-45853 related to MiniZip madler-zlib
Summary Vulnerability scan of fiona shows CVE-2023-45853. The vulnerability is in GDAL, a dependency of fiona. Details Fiona depends on GDAL and GDAL has a port of minizip. MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a...
CBL Mariner 2.0 Security Update: blosc / boost / cloud-hypervisor / cloud-hypervisor-cvm / keras / nmap / rust (CVE-2023-45853)
The version of blosc / boost / cloud-hypervisor / cloud-hypervisor-cvm / keras / nmap / rust installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-45853 advisory. - MiniZip in zlib through 1.3 has an...
CentOS 9 : zlib-1.2.11-41.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the zlib-1.2.11-41.el9 build changelog. - MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment...
EulerOS Virtualization 2.11.0 : binutils (EulerOS-SA-2024-1424)
According to the versions of the binutils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a lon...
EulerOS Virtualization 2.11.1 : zlib (EulerOS-SA-2024-1409)
According to the versions of the zlib package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long...
EulerOS Virtualization 2.11.0 : zlib (EulerOS-SA-2024-1437)
According to the versions of the zlib package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long...
EulerOS Virtualization 2.10.1 : binutils (EulerOS-SA-2024-1354)
According to the versions of the binutils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in Binutils. The use of an uninitialized field in the struct module module may lead to application crash and...
EulerOS Virtualization 2.10.0 : binutils (EulerOS-SA-2024-1375)
According to the versions of the binutils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in Binutils. The use of an uninitialized field in the struct module module may lead to application crash and...
EulerOS Virtualization 2.10.0 : zlib (EulerOS-SA-2024-1394)
According to the versions of the zlib package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long...
EulerOS 2.0 SP8 : zlib (EulerOS-SA-2024-1308)
According to the versions of the zlib packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, commen...
EulerOS 2.0 SP5 : zlib (EulerOS-SA-2024-1170)
According to the versions of the zlib packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, commen...
EulerOS 2.0 SP11 : zlib (EulerOS-SA-2023-3261)
According to the versions of the zlib package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment...
EulerOS 2.0 SP11 : binutils (EulerOS-SA-2023-3236)
According to the versions of the binutils package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename,...
EulerOS 2.0 SP11 : zlib (EulerOS-SA-2023-3289)
According to the versions of the zlib package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment...
EulerOS 2.0 SP11 : binutils (EulerOS-SA-2023-3264)
According to the versions of the binutils package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename,...
GLSA-202401-18 : zlib: Buffer Overflow
The remote host is affected by the vulnerability described in GLSA-202401-18 zlib: Buffer Overflow - MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supporte...
MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product. NOTE: pyminizip through 0.2.6 is also vulnerable because it bundles an affected zlib version and exposes the applicable MiniZip code through its compress API.
...
aind-data-transfer (>=0.1.13 <=0.35.3), aind-dispim-processing (>=0.0.1 <=0.0.4) +25 more potentially affected by CVE-2023-45853 via pyminizip (=0.2.6)
pyminizip PYPI version =0.2.6 is affected by a known vulnerability. The following packages have a transitive dependency on pyminizip and may be impacted: - aind-data-transfer =0.1.13, =0.0.1, =0.3.0, =1.9.32, =0.0.6, =1.1.12, =0.8.0, =0.1.0, =0.0.1, =0.2.0, =0.1.1, =0.1.5 and more Source cves:...