VDB

GCVE-110-MAGEIA-2022-328

GCVE-110-MAGEIA-2022-328
Advisory Published
Vulnetix · Advisory published September 16, 2022
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference). (CVE-2022-37434)

Affected Products

VendorProductVersionsPlatforms
Mageiazlib0 (affected), 1.2.12-1.3.mga8 (unaffected)

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›