zlib-ng

minizip-ng

3 known vulnerabilities · sorted by CVSS score

CVE-2023-48106

Buffer Overflow vulnerability in zlib-ng minizip-ng v.4.0.2 allows an attacker to execute arbitrary code via a crafted file to the mz_path_resolve function in the mz_os.c file.

zlib-ng / minizip-ng

Network

Published Nov 22, 2023

CVE-2023-48107

HIGH8.8

Buffer Overflow vulnerability in zlib-ng minizip-ng v.4.0.2 allows an attacker to execute arbitrary code via a crafted file to the mz_path_has_slash function in the mz_os.c file.

zlib-ng / minizip-ng

Network

Published Nov 22, 2023

CVE-2014-9485

MEDIUM5.5

Directory traversal vulnerability in the do_extract_currentfile function in miniunz.c in miniunzip in minizip before 1.1-5 might allow remote attackers to write to arbitrary files via a crafted entry in a ZIP archive.

zlib-ng / minizip-ng

Local

Published Jan 16, 2018