zlib
| Link | package | bugs open | bugs closed | Wiki | GitHub | web search |
| Description | Compression library implementing the deflate compression method found in gzip and PKZIP |
| Version | 1:1.3.1-1 [core] |
Resolved
| Group | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|
| AVG-2821 | 1:1.2.12-2 | 1:1.2.12-3 | High | Fixed | |
| AVG-2657 | 1:1.2.11-1 | 1:1.2.12-1 | High | Fixed |
| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2022-37434 | AVG-2821 | High | No | Arbitrary code execution | A security vulnerability was found in zlib. The flaw triggered a heap- based buffer in inflate in the inflate.c function via a large gzip header extra... |
| CVE-2018-25032 | AVG-2657 | High | Yes | Arbitrary code execution | An out-of-bounds access flaw was found in zlib before 1.2.12, which allows memory corruption when deflating (ex: when compressing) if the input has many... |
Advisories
| Date | Advisory | Group | Severity | Type |
|---|---|---|---|---|
| 04 Apr 2022 | ASA-202204-3 | AVG-2657 | High | arbitrary code execution |