Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2022-37434

Опубликовано: 05 авг. 2022
Источник: ubuntu
Приоритет: medium
EPSS Критический
CVSS3: 9.8

Описание

zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).

РелизСтатусПримечание
devel

released

2.0.13-4ubuntu1
esm-infra-legacy/trusty

not-affected

2.0.3-0ubuntu1.14.04.3+esm3
esm-infra/bionic

released

2.0.4-9ubuntu2.2+esm1
esm-infra/focal

not-affected

2.0.7-1ubuntu5.2
esm-infra/xenial

released

2.0.4-8ubuntu1.16.04.4+esm2
focal

released

2.0.7-1ubuntu5.2
jammy

released

2.0.10-4ubuntu0.1
mantic

released

2.0.13-1ubuntu0.1
noble

released

2.0.13-4ubuntu0.1
trusty/esm

released

2.0.3-0ubuntu1.14.04.3+esm3

Показывать по

РелизСтатусПримечание
bionic

released

3.1.2-2.1ubuntu1.5
devel

not-affected

uses system zlib
esm-infra-legacy/trusty

not-affected

uses system zlib
esm-infra/bionic

not-affected

3.1.2-2.1ubuntu1.5
esm-infra/focal

not-affected

3.1.3-8ubuntu0.4
esm-infra/xenial

released

3.1.1-3ubuntu1.3+esm2
focal

released

3.1.3-8ubuntu0.4
jammy

not-affected

uses system zlib
kinetic

not-affected

uses system zlib
mantic

not-affected

uses system zlib

Показывать по

РелизСтатусПримечание
bionic

released

1:1.2.11.dfsg-0ubuntu2.2
devel

not-affected

1:1.2.11.dfsg-4.1ubuntu1
esm-infra-legacy/trusty

not-affected

1:1.2.8.dfsg-1ubuntu1.1+esm2
esm-infra/bionic

not-affected

1:1.2.11.dfsg-0ubuntu2.2
esm-infra/focal

not-affected

1:1.2.11.dfsg-2ubuntu1.5
esm-infra/xenial

released

1:1.2.8.dfsg-2ubuntu4.3+esm2
focal

released

1:1.2.11.dfsg-2ubuntu1.5
jammy

released

1:1.2.11.dfsg-2ubuntu9.2
kinetic

not-affected

1:1.2.11.dfsg-4.1ubuntu1
mantic

not-affected

1:1.2.11.dfsg-4.1ubuntu1

Показывать по

Ссылки на источники

EPSS

Процентиль: 100%
0.92678
Критический

9.8 Critical

CVSS3

Связанные уязвимости

redhat логотип

CVE-2022-37434

CVSS3: 7
redhat
почти 3 года назад

zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).

nvd логотип

CVE-2022-37434

CVSS3: 9.8
nvd
почти 3 года назад

zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).

msrc логотип

CVE-2022-37434

CVSS3: 9.8
msrc
почти 3 года назад

Описание отсутствует

debian логотип

CVE-2022-37434

CVSS3: 9.8
debian
почти 3 года назад

zlib through 1.2.12 has a heap-based buffer over-read or buffer overfl ...

suse-cvrf логотип

SUSE-SU-2022:2947-1

suse-cvrf
почти 3 года назад

Security update for zlib

EPSS

Процентиль: 100%
0.92678
Критический

9.8 Critical

CVSS3