Description
MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product. NOTE: pyminizip through 0.2.6 is also vulnerable because it bundles an affected zlib version, and exposes the applicable MiniZip code through its compress API.
References
- Mailing List
- Mailing List
- Mailing List, Patch
- Mailing List, Patch
- Product
- Issue Tracking, Patch
- Mailing List, Third Party Advisory
- Release Notes
- Third Party Advisory
- Third Party Advisory
- Product
Vulnerable configurations
EPSS
CVSS3: 9.8 Critical
CVSS3: 8.8 High
Weaknesses