AVG-2847 log

Package minizip
Status Vulnerable
Severity Critical
Type arbitrary code execution
Affected 1:1.3-1
Fixed Unknown
Current 1:1.3.1-2 [core]
Ticket Create
Created Tue Oct 24 14:22:35 2023
Issue Severity Remote Type Description
CVE-2023-45853 Critical No Arbitrary code execution
MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field.
References
https://www.openwall.com/lists/oss-security/2023/10/20/9