EUVD-2023-50468

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2023-46228

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - zchunk before 1.3.2 has multiple integer overflows via malformed zchunk files to lib/comp/comp.c, lib/comp/zstd/zstd.c, lib/dl/multipart.c, or lib/header.c...

Advisory ROSA-SA-2024-2534

software: zchunk 1.2.2 OS: ROSA-CHROME packageevrstring: zchunk-1.2.2.2-2 CVE-ID: CVE-2023-46228 BDU-ID: 2023-07324 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the lib/comp/comp.c, lib/comp/zstd/zstd.c, lib/dl/multipart.c, or lib/header.c components of the RPM zchunk file size reduction software...

Photon OS 3.0: Zchunk PHSA-2023-3.0-0683

An update of the zchunk package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-3.0-0683. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 4.0: Zchunk PHSA-2023-4.0-0507

An update of the zchunk package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-4.0-0507. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 5.0: Zchunk PHSA-2023-5.0-0137

An update of the zchunk package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-5.0-0137. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

SUSE-SU-2024:2432-1 Security update for zchunk

This update for zchunk fixes the following issues: - CVE-2023-46228: Fixed a handle overflow errors in malformed zchunk files. bsc1216268...

openSUSE: Security Advisory for zchunk (SUSE-SU-2023:4225-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Important Photon OS Security Update - PHSA-2023-4.0-0507

Updates of 'zchunk' packages of Photon OS have been released...

Critical Photon OS Security Update - PHSA-2023-3.0-0683

Updates of 'librdkafka', 'zchunk' packages of Photon OS have been released...

Important Photon OS Security Update - PHSA-2023-5.0-0137

Updates of 'zchunk' packages of Photon OS have been released...

CVE-2023-46228 affecting package zchunk for versions less than 1.1.16-3

CVE-2023-46228 affecting package zchunk for versions less than 1.1.16-3. A patched version of the package is available...

SUSE: Security Advisory (SUSE-SU-2023:4225-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2023:4224-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : zchunk (SUSE-SU-2023:4225-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:4225-1 advisory. - zchunk before 1.3.2 has multiple integer overflows via malformed zchunk files to lib/comp/comp.c,...

SUSE SLES15 Security Update : zchunk (SUSE-SU-2023:4224-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:4224-1 advisory. - zchunk before 1.3.2 has multiple integer overflows via malformed zchunk files to lib/comp/comp.c, lib/comp/zstd/zstd.c, lib/dl/multipart.c...

SUSE-SU-2023:4225-1 Security update for zchunk

This update for zchunk fixes the following issues: - CVE-2023-46228: Fixed a handle overflow errors in malformed zchunk files. bsc1216268...

SUSE-SU-2023:4224-1 Security update for zchunk

This update for zchunk fixes the following issues: - CVE-2023-46228: Fixed a handle overflow errors in malformed zchunk files. bsc1216268...

Integer Overflows

zchunk is vulnerable to Integer Overflows. An attacker could exploit this vulnerability by tricking a user into opening a malicious zchunk file. The file would contain specially crafted data that would cause the zchunk library to overflow an integer, which could lead to arbitrary code execution...

zchunk before 1.3.2 has multiple integer overflows via malformed zchunk files to lib/comp/comp.c lib/comp/zstd/zstd.c lib/dl/multipart.c or lib/header.c.

...