rpm package
suse/zlib&distro=SUSE Linux Enterprise High Performance Computing 15-ESPOS
pkg:rpm/suse/zlib&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-ESPOS
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-37434 | — | < 1.2.11-150000.3.33.1 | 1.2.11-150000.3.33.1 | Aug 5, 2022 | zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable t | ||
| CVE-2018-25032 | — | < 1.2.11-150000.3.30.1 | 1.2.11-150000.3.30.1 | Mar 25, 2022 | zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches. | ||
| CVE-2022-0778 | Hig | 7.5 | < 1.2.11-3.26.10 | 1.2.11-3.26.10 | Mar 15, 2022 | The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curv |
- CVE-2022-37434Aug 5, 2022affected < 1.2.11-150000.3.33.1fixed 1.2.11-150000.3.33.1
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable t
- CVE-2018-25032Mar 25, 2022affected < 1.2.11-150000.3.30.1fixed 1.2.11-150000.3.30.1
zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.
- affected < 1.2.11-3.26.10fixed 1.2.11-3.26.10
The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curv