Published: 14/10/2023 Updated: 24/01/2024

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 0

MiniZip in zlib up to and including 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product. NOTE: pyminizip up to and including 0.2.6 is also vulnerable because it bundles an affected zlib version, and exposes the applicable MiniZip code through its compress API.

Vulnerable Product	Search on Vulmon	Subscribe to Product
zlib zlib

概述 Important: Red Hat JBoss Core Services Apache HTTP Server 2457 SP2 security update 类型/严重性 Security Advisory: Important 标题 Red Hat JBoss Core Services Apache HTTP Server 2457 Service Pack 2 is now availableRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability S ...

Debian Bug report logs - #1054290 zlib: CVE-2023-45853 Package: src:zlib; Maintainer for src:zlib is Mark Brown <broonie@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Fri, 20 Oct 2023 19:48:01 UTC Severity: important Tags: patch, security, upstream Found in versions zlib/1:1213dfsg-1, z ...

MiniZip in zlib through 13 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field NOTE: MiniZip is not a supported part of the zlib product (CVE-2023-45853) ...

MiniZip in zlib through 13 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field ...

Critical Infrastructure Sectors: Critical Manufacturing

Домашнее задание к занятию 5 «Практическое применение Docker» - Илларионов Дмитрий Инструкция к выполнению Для выполнения заданий обязательно ознакомьтесь с инструкцией по экономии облачных ресурсов Э

Debian package for zlib 1.3

zlib-13-deb Debian package for zlib 13 The package was generated using zlibnet/zlib-13targz and is useful for avoiding vulnerability CVE-2023-45853 Installation instructions: Download zlib-13-debdeb from here Run sudo apt install zlib-13-debdeb

Convert any URL to an LLM-friendly input with a simple prefix https://r.jina.ai/

Reader Your LLMs deserve better input Reader converts any URL to an LLM-friendly input with a simple prefix rjinaai/ Get improved output for your agent and RAG systems at no cost Live demo: jinaai/reader Or just visit these URLs rjinaai/githubcom/jina-ai/reader, rjinaai/xcom/elonmusk and see yourself Feel free to u

CWE-190 https://www.winimage.com/zLibDll/minizip.html https://github.com/madler/zlib/pull/843 https://chromium.googlesource.com/chromium/src/+/d709fb23806858847131027da95ef4c548813356 https://chromium.googlesource.com/chromium/src/+/de29dd6c7151d3cd37cb4cf0036800ddfb1d8b61 https://github.com/madler/zlib/blob/ac8f12c97d1afd9bafa9c710f827d40a407d3266/contrib/README.contrib#L1-L4 http://www.openwall.com/lists/oss-security/2023/10/20/9 https://lists.debian.org/debian-lts-announce/2023/11/msg00026.html https://security.netapp.com/advisory/ntap-20231130-0009/https://pypi.org/project/pyminizip/#history https://security.gentoo.org/glsa/202401-18 http://www.openwall.com/lists/oss-security/2024/01/24/10 https://access.redhat.com/errata/RHSA-2023:7626 https://nvd.nist.gov https://github.com/bariskanber/zlib-1.3-deb https://www.cisa.gov/news-events/ics-advisories/icsa-23-348-10 https://alas.aws.amazon.com/AL2/ALAS-2023-2320.html

CVE-2023-45853

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

ICS Advisories

Github Repositories

References

Vulmon Search

About

Products

Connect