ID CVE-2023-6992
Summary Cloudflare version of zlib library was found to be vulnerable to memory corruption issues affecting the deflation algorithm implementation (deflate.c). The issues resulted from improper input validation and heap-based buffer overflow. A local attacker could exploit the problem during compression using a crafted malicious file potentially leading to denial of service of the software. Patches: The issue has been patched in commit 8352d10 https://github.com/cloudflare/zlib/commit/8352d108c05db1bdc5ac3bdf834dad641694c13c . The upstream repository is not affected.
References
Vulnerable Configurations
  • cpe:2.3:a:cloudflare:zlib:-:*:*:*:*:*:*:*
    cpe:2.3:a:cloudflare:zlib:-:*:*:*:*:*:*:*
CVSS
Base: None
Impact:
Exploitability:
CWE CWE-787
CAPEC
Access
VectorComplexityAuthentication
Impact
ConfidentialityIntegrityAvailability
Last major update 10-01-2024 - 01:14
Published 04-01-2024 - 12:15
Last modified 10-01-2024 - 01:14
Back to Top