AVG-2847 log
Package | minizip |
Status | Fixed |
Severity | Critical |
Type | arbitrary code execution |
Affected | 1:1.3-1 |
Fixed | 1:1.3.1-1 |
Current | 1:1.3.1-2 [core] |
Ticket | None |
Created | Tue Oct 24 14:22:35 2023 |
Advisory | Pending |
Issue | Severity | Remote | Type | Description |
---|---|---|---|---|
CVE-2023-45853 | Critical | No | Arbitrary code execution | MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. |
References |
---|
https://www.openwall.com/lists/oss-security/2023/10/20/9 |