CVE-2018-25032
published 2022-03-25CVE-2018-25032: zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.
high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.
Affected
82 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | mac_os_x | — | — |
| apple | mac_os_x | >= 10.15 < 10.15.7 | 10.15.7 |
| apple | macos | >= 11.0 < 11.6.6 | 11.6.6 |
| apple | macos | >= 12.0.0 < 12.4 | 12.4 |
| apple | macos_big_sur | — | — |
| apple | macos_monterey | — | — |
| apple | security_update_2022-004_catalina | — | — |
| azul | zulu | — | — |
| azul | zulu | — | — |
| azul | zulu | — | — |
| azul | zulu | — | — |
| azul | zulu | — | — |
| azul | zulu | — | — |
| azul | zulu | — | — |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | libz-mingw-w64 | < libz-mingw-w64 1.2.11+dfsg-5 (bookworm) | libz-mingw-w64 1.2.11+dfsg-5 (bookworm) |
| debian | zlib | < libz-mingw-w64 1.2.11+dfsg-5 (bookworm) | libz-mingw-w64 1.2.11+dfsg-5 (bookworm) |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| goto | gotoassist | < 11.9.18 | 11.9.18 |
| klibc_project | klibc | >= 0 < 2.0.7-1ubuntu5.2 | 2.0.7-1ubuntu5.2 |
| klibc_project | klibc | >= 0 < 2.0.10-4ubuntu0.1 | 2.0.10-4ubuntu0.1 |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
ghsa7.5HIGH
osv8.8HIGH