[Git][security-tracker-team/security-tracker][master] Add CVE-2022-37434/zlib

Fri Aug 5 20:23:50 BST 2022


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c245e8cb by Salvatore Bonaccorso at 2022-08-05T21:22:41+02:00
Add CVE-2022-37434/zlib

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,7 @@
+CVE-2022-37434 [buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field]
+	- zlib <unfixed>
+	NOTE: https://github.com/ivd38/zlib_overflow
+	NOTE: https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1
 CVE-2022-37431 (A Reflected Cross-site scripting (XSS) issue was discovered in dotCMS  ...)
 	NOT-FOR-US: dotCMS
 CVE-2022-37430



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c245e8cb903e718cf846315ebf0dbb08aa823921

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c245e8cb903e718cf846315ebf0dbb08aa823921
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220805/2b19533c/attachment.htm>
