Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 10 of 12 results


CVE-2023-45853

Medium priority
Vulnerable

MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product. NOTE:...

3 affected packages

klibc, rsync, zlib

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
klibc Not affected Not affected Not affected Not affected Not affected
rsync Not affected Not affected Not affected Not affected Not affected
zlib Not affected Not affected Not affected Not affected Not affected
Show less packages

CVE-2022-42800

Medium priority
Not affected

This issue was addressed with improved checks. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16, macOS Monterey 12.6.1, macOS Big Sur 11.7.1. A user may be able to cause...

2 affected packages

rsync, zlib

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
rsync Not affected Not affected Not affected Not affected
zlib Not affected Not affected Not affected Not affected
Show less packages

CVE-2022-37434

Medium priority
Fixed

zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle...

3 affected packages

klibc, rsync, zlib

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
klibc Fixed Fixed Fixed Fixed Fixed
rsync Not affected Not affected Fixed Fixed Fixed
zlib Not affected Fixed Fixed Fixed Fixed
Show less packages

CVE-2018-25032

Medium priority
Fixed

zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.

5 affected packages

klibc, mariadb-10.3, mariadb-10.6, rsync, zlib

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
klibc Fixed Fixed Fixed Fixed Fixed
mariadb-10.3 Not in release Fixed Not in release Ignored
mariadb-10.6 Not in release Fixed Not in release Not in release Ignored
rsync Not affected Not affected Fixed Fixed Fixed
zlib Fixed Fixed Fixed Fixed Fixed
Show less packages

CVE-2016-9843

Low priority

Some fixes available 15 of 21

The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.

3 affected packages

klibc, rsync, zlib

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
klibc Needs evaluation Not affected Not affected Not affected Not affected
rsync Fixed Fixed Fixed Fixed Fixed
zlib Not affected Not affected Not affected Not affected Fixed
Show less packages

CVE-2016-9842

Low priority

Some fixes available 15 of 21

The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers.

3 affected packages

klibc, rsync, zlib

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
klibc Needs evaluation Not affected Not affected Not affected Not affected
rsync Fixed Fixed Fixed Fixed Fixed
zlib Not affected Not affected Not affected Not affected Fixed
Show less packages

CVE-2016-9841

Low priority

Some fixes available 23 of 27

inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.

3 affected packages

klibc, rsync, zlib

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
klibc Fixed Fixed Fixed Fixed Fixed
rsync Fixed Fixed Fixed Fixed Fixed
zlib Not affected Not affected Not affected Not affected Fixed
Show less packages

CVE-2016-9840

Low priority

Some fixes available 23 of 27

inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.

3 affected packages

klibc, rsync, zlib

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
klibc Fixed Fixed Fixed Fixed Fixed
rsync Fixed Fixed Fixed Fixed Fixed
zlib Not affected Not affected Not affected Not affected Fixed
Show less packages

CVE-2009-1391

Medium priority
Fixed

Off-by-one error in the inflate function in Zlib.xs in Compress::Raw::Zlib Perl module before 2.017, as used in AMaViS, SpamAssassin, and possibly other products, allows context-dependent attackers to cause a denial of service...

2 affected packages

libcompress-raw-zlib-perl, perl

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libcompress-raw-zlib-perl
perl
Show less packages

CVE-2005-1849

Unknown priority
Fixed

inftrees.h in zlib 1.2.2 allows remote attackers to cause a denial of service (application crash) via an invalid file that causes a large dynamic tree to be produced.

6 affected packages

aide, dpkg, ia32-libs, rpm, sash, zlib

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
aide
dpkg
ia32-libs
rpm
sash
zlib
Show less packages