Описание
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 2.0.13-4ubuntu1 |
| esm-infra-legacy/trusty | released | 2.0.3-0ubuntu1.14.04.3+esm3 |
| esm-infra/bionic | released | 2.0.4-9ubuntu2.2+esm1 |
| esm-infra/focal | released | 2.0.7-1ubuntu5.2 |
| esm-infra/xenial | released | 2.0.4-8ubuntu1.16.04.4+esm2 |
| focal | released | 2.0.7-1ubuntu5.2 |
| jammy | released | 2.0.10-4ubuntu0.1 |
| mantic | released | 2.0.13-1ubuntu0.1 |
| noble | released | 2.0.13-4ubuntu0.1 |
| trusty/esm | released | 2.0.3-0ubuntu1.14.04.3+esm3 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 3.1.2-2.1ubuntu1.5 |
| devel | not-affected | uses system zlib |
| esm-infra-legacy/trusty | not-affected | uses system zlib |
| esm-infra/bionic | released | 3.1.2-2.1ubuntu1.5 |
| esm-infra/focal | released | 3.1.3-8ubuntu0.4 |
| esm-infra/xenial | released | 3.1.1-3ubuntu1.3+esm2 |
| focal | released | 3.1.3-8ubuntu0.4 |
| jammy | not-affected | uses system zlib |
| kinetic | not-affected | uses system zlib |
| mantic | not-affected | uses system zlib |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 1:1.2.11.dfsg-0ubuntu2.2 |
| devel | not-affected | 1:1.2.11.dfsg-4.1ubuntu1 |
| esm-infra-legacy/trusty | released | 1:1.2.8.dfsg-1ubuntu1.1+esm2 |
| esm-infra/bionic | released | 1:1.2.11.dfsg-0ubuntu2.2 |
| esm-infra/focal | released | 1:1.2.11.dfsg-2ubuntu1.5 |
| esm-infra/xenial | released | 1:1.2.8.dfsg-2ubuntu4.3+esm2 |
| focal | released | 1:1.2.11.dfsg-2ubuntu1.5 |
| jammy | released | 1:1.2.11.dfsg-2ubuntu9.2 |
| kinetic | not-affected | 1:1.2.11.dfsg-4.1ubuntu1 |
| mantic | not-affected | 1:1.2.11.dfsg-4.1ubuntu1 |
Показывать по
Ссылки на источники
EPSS
9.8 Critical
CVSS3
Связанные уязвимости
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).
zlib through 1.2.12 has a heap-based buffer over-read or buffer overfl ...
EPSS
9.8 Critical
CVSS3