zlib

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Compression library implementing the deflate compression method found in gzip and PKZIP
Version 1:1.3.1-2 [core]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-2821 1:1.2.12-2 1:1.2.12-3 High Fixed
AVG-2657 1:1.2.11-1 1:1.2.12-1 High Fixed
Issue Group Severity Remote Type Description
CVE-2022-37434 AVG-2821 High No Arbitrary code execution
A security vulnerability was found in zlib. The flaw triggered a heap- based buffer in inflate in the inflate.c function via a large gzip header extra...
CVE-2018-25032 AVG-2657 High Yes Arbitrary code execution
An out-of-bounds access flaw was found in zlib before 1.2.12, which allows memory corruption when deflating (ex: when compressing) if the input has many...

Advisories

Date Advisory Group Severity Type
04 Apr 2022 ASA-202204-3 AVG-2657 High arbitrary code execution