Vulnerable Library - zlibv1.2.8
A massively spiffy yet delicately unobtrusive compression library.
Library home page: https://github.com/cyanskies/zlib.git
Vulnerable Source Files (1)
/core/src/main/c/share/zlib-1.2.8/inflate.c
Vulnerabilities
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
Details
CVE-2022-37434
### Vulnerable Library - zlibv1.2.8
A massively spiffy yet delicately unobtrusive compression library.
Library home page: https://github.com/cyanskies/zlib.git
Found in base branch: master
### Vulnerable Source Files (1)
/core/src/main/c/share/zlib-1.2.8/inflate.c
### Vulnerability Details
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).
Publish Date: 2022-08-05
URL: CVE-2022-37434
### CVSS 3 Score Details (9.8)
Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: High
### Suggested Fix
Type: Upgrade version
Release Date: 2022-08-05
Fix Resolution: v1.2.13
CVE-2016-9843
### Vulnerable Library - zlibv1.2.8
A massively spiffy yet delicately unobtrusive compression library.
Library home page: https://github.com/cyanskies/zlib.git
Found in base branch: master
### Vulnerable Source Files (1)
/core/src/main/c/share/zlib-1.2.8/crc32.c
### Vulnerability Details
The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.
Publish Date: 2017-05-23
URL: CVE-2016-9843
### CVSS 3 Score Details (9.8)
Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: High
### Suggested Fix
Type: Upgrade version
Origin: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9843
Release Date: 2017-05-23
Fix Resolution: v1.2.9
CVE-2016-9841
### Vulnerable Library - zlibv1.2.8
A massively spiffy yet delicately unobtrusive compression library.
Library home page: https://github.com/cyanskies/zlib.git
Found in base branch: master
### Vulnerable Source Files (1)
/core/src/main/c/share/zlib-1.2.8/inffast.c
### Vulnerability Details
inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
Publish Date: 2017-05-23
URL: CVE-2016-9841
### CVSS 3 Score Details (9.8)
Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: High
### Suggested Fix
Type: Upgrade version
Origin: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9841
Release Date: 2017-05-23
Fix Resolution: v1.2.9
CVE-2016-9842
### Vulnerable Library - zlibv1.2.8
A massively spiffy yet delicately unobtrusive compression library.
Library home page: https://github.com/cyanskies/zlib.git
Found in base branch: master
### Vulnerable Source Files (1)
/core/src/main/c/share/zlib-1.2.8/inflate.c
### Vulnerability Details
The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers.
Publish Date: 2017-05-23
URL: CVE-2016-9842
### CVSS 3 Score Details (8.8)
Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: Required
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: High
### Suggested Fix
Type: Upgrade version
Origin: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9842
Release Date: 2017-05-23
Fix Resolution: v1.2.9
CVE-2016-9840
### Vulnerable Library - zlibv1.2.8
A massively spiffy yet delicately unobtrusive compression library.
Library home page: https://github.com/cyanskies/zlib.git
Found in base branch: master
### Vulnerable Source Files (1)
/core/src/main/c/share/zlib-1.2.8/inftrees.c
### Vulnerability Details
inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
Publish Date: 2017-05-23
URL: CVE-2016-9840
### CVSS 3 Score Details (8.8)
Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: Required
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: High
### Suggested Fix
Type: Upgrade version
Origin: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9840
Release Date: 2017-05-23
Fix Resolution: v1.2.9
CVE-2018-25032
### Vulnerable Libraries - zlibv1.2.8, zlibv1.2.8, zlibv1.2.8
zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.
Publish Date: 2022-03-25
URL: CVE-2018-25032
### CVSS 3 Score Details (7.5)
Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: None
  - Integrity Impact: None
  - Availability Impact: High
### Suggested Fix
Type: Upgrade version
Release Date: 2022-03-25
Fix Resolution: v1.2.12
WS-2020-0368
### Vulnerable Library - zlibv1.2.8
A massively spiffy yet delicately unobtrusive compression library.
Library home page: https://github.com/cyanskies/zlib.git
Found in base branch: master
### Vulnerable Source Files (1)
/core/src/main/c/share/zlib-1.2.8/inflate.c
### Vulnerability Details
Zlib in versions v0.8 to v1.2.11 is vulnerable to use-of-uninitialized-value in inflate. There are a couple of places in inflate() where UPDATE is called with state->check as its first parameter, without a guarantee that this value has been initialized (state comes from a ZALLOC in inflateInit). This causes use of uninitialized check value.
Publish Date: 2020-02-22
URL: WS-2020-0368
### CVSS 3 Score Details (6.5)
Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: Required
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: None
  - Integrity Impact: None
  - Availability Impact: High
CVE-2015-2158
### Vulnerable Library - zlibv1.2.8
A massively spiffy yet delicately unobtrusive compression library.
Library home page: https://github.com/cyanskies/zlib.git
Found in base branch: master
### Vulnerable Source Files (1)
/core/src/main/c/share/zlib-1.2.8/inflate.c
### Vulnerability Details
Off-by-one error in the pngcrush_measure_idat function in pngcrush.c in pngcrush before 1.7.84 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file.
Publish Date: 2017-10-06
URL: CVE-2015-2158
### CVSS 3 Score Details (4.9)
Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Local
  - Attack Complexity: High
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: Low
  - Integrity Impact: Low
  - Availability Impact: Low
### Suggested Fix
Type: Upgrade version
Origin: https://bugzilla.redhat.com/show_bug.cgi?id=1198171
Release Date: 2017-10-06
Fix Resolution: v1.7.84
CVE-2023-6992
### Vulnerable Library - zlibv1.2.8
A massively spiffy yet delicately unobtrusive compression library.
Library home page: https://github.com/cyanskies/zlib.git
Found in base branch: master
### Vulnerable Source Files (1)
/core/src/main/c/share/zlib-1.2.8/deflate.c
### Vulnerability Details
Cloudflare version of zlib library was found to be vulnerable to memory corruption issues affecting the deflation algorithm implementation (deflate.c). The issues resulted from improper input validation and heap-based buffer overflow. A local attacker could exploit the problem during compression using a crafted malicious file potentially leading to denial of service of the software. Patches: The issue has been patched in commit 8352d10 https://github.com/cloudflare/zlib/commit/8352d108c05db1bdc5ac3bdf834dad641694c13c . The upstream repository is not affected.
Publish Date: 2024-01-04
URL: CVE-2023-6992
### CVSS 3 Score Details (4.0)
Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Local
  - Attack Complexity: High
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: None
  - Integrity Impact: Low
  - Availability Impact: Low