logo

Database

Out-of-bounds read In zlib

Description

arbitrary code execution

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

1-10 of 20

10

Aliases

1. CVE-2023-458532. NVD-2023-458533. OSV-ALPINE-2023-458534. OSV-2023-458535. OSV-DEBIAN-2023-458536. GCVE-2023-458537. SECURITY-CVE-2023-458538. lists.debian.org9. security.gentoo.org10. SECURITY-TRACKER-CVE-2023-45853

References

1. https://github.com/madler/zlib/pull/8432. https://github.com/madler/zlib/commit/73331a6a0481067628f065ffe87bb1d8f787d10c3. https://chromium.googlesource.com/chromium/src/+/d709fb23806858847131027da95ef4c5488133564. https://chromium.googlesource.com/chromium/src/+/de29dd6c7151d3cd37cb4cf0036800ddfb1d8b615. https://github.com/madler/zlib/blob/ac8f12c97d1afd9bafa9c710f827d40a407d3266/contrib/README.contrib#L1-L46. https://github.com/smihica/pyminizip/blob/master/zlib-1.2.11/contrib/minizip/zip.c7. https://pypi.org/project/pyminizip/#history8. https://security.netapp.com/advisory/ntap-20231130-00099. https://www.winimage.com/zLibDll/minizip.html10. http://www.openwall.com/lists/oss-security/2023/10/20/911. http://www.openwall.com/lists/oss-security/2024/01/24/10

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.