Msrc Azl3 Zziplib 0.13.74-1 On Azure Linux 3.0 vulnerabilities
4 known vulnerabilities affecting msrc/azl3_zziplib_0.13.74-1_on_azure_linux_3.0.
Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2024-39134HIGHCVSS 7.52024-06-11
CVE-2024-39134 [HIGH] CWE-120 A Stack Buffer Overflow vulnerability in zziplibv 0.13.77 allows attackers to cause a denial of service via the __zzip_fetch_disk_trailer() function at /zzip/zip.c.
A Stack Buffer Overflow vulnerability in zziplibv 0.13.77 allows attackers to cause a denial of service via the __zzip_fetch_disk_trailer() function at /zzip/zip.c.
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnera
msrc
CVE-2024-39133MEDIUMCVSS 4.32024-06-11
CVE-2024-39133 [MEDIUM] CWE-122 Heap Buffer Overflow vulnerability in zziplib v0.13.77 allows attackers to cause a denial of service via the __zzip_parse_root_directory() function at /zzip/zip.c.
Heap Buffer Overflow vulnerability in zziplib v0.13.77 allows attackers to cause a denial of service via the __zzip_parse_root_directory() function at /zzip/zip.c.
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnera
msrc
CVE-2020-18770MEDIUMCVSS 5.52023-08-08
CVE-2020-18770 [MEDIUM] An issue was discovered in function zzip_disk_entry_to_file_header in mmapped.c in zziplib 0.13.69, which will lead to a denial-of-service.
An issue was discovered in function zzip_disk_entry_to_file_header in mmapped.c in zziplib 0.13.69, which will lead to a denial-of-service.
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who ch
msrc
CVE-2017-5974MEDIUMCVSS 5.52017-03-14
CVE-2017-5974 [MEDIUM] CWE-119 Heap-based buffer overflow in the __zzip_get32 function in fetch.c in zziplib 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57, 0.13.56 allows remote attackers to cause a denial of service (crash)
Heap-based buffer overflow in the __zzip_get32 function in fetch.c in zziplib 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57, 0.13.56 allows remote attackers to cause a denial of service (crash) via a crafted ZIP file.
FAQ: Is Azure Linux the only Microsoft pro
msrc