Lucene search

K

GoogleOSV:GHSA-JC36-42CF-VQWJ

HistoryMar 26, 2022 - 12:00 a.m.

Nokogiri affected by zlib's Out-of-bounds Write vulnerability

2022-03-2600:00:33

Google

osv.dev

13

0.003 Low

EPSS

Percentile

68.4%

zlib 1.2.11 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.

CPENameOperatorVersion
nokogirieq1.12.3
nokogirieq1.12.4
nokogirieq1.3.2
nokogirieq1.6.6.2
nokogirieq1.11.0.rc2
nokogirieq1.13.3
nokogirieq1.5.7
nokogirieq1.5.4.rc2
nokogirieq1.11.1
nokogirieq1.6.3.rc2

Rows per page:

1-10 of 1431

References

seclists.org/fulldisclosure/2022/May/33

seclists.org/fulldisclosure/2022/May/35

seclists.org/fulldisclosure/2022/May/38

www.openwall.com/lists/oss-security/2022/03/25/2

www.openwall.com/lists/oss-security/2022/03/26/1

cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf

github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531

github.com/madler/zlib/compare/v1.2.11...v1.2.12

github.com/madler/zlib/issues/605

github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2018-25032.yml

github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5

lists.debian.org/debian-lts-announce/2022/04/msg00000.html

lists.debian.org/debian-lts-announce/2022/05/msg00008.html

lists.debian.org/debian-lts-announce/2022/09/msg00023.html

lists.fedoraproject.org/archives/list/[email protected]/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF

lists.fedoraproject.org/archives/list/[email protected]/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB

lists.fedoraproject.org/archives/list/[email protected]/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4

lists.fedoraproject.org/archives/list/[email protected]/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F

lists.fedoraproject.org/archives/list/[email protected]/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y

lists.fedoraproject.org/archives/list/[email protected]/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU

nvd.nist.gov/vuln/detail/CVE-2018-25032

security.gentoo.org/glsa/202210-42

security.netapp.com/advisory/ntap-20220526-0009

security.netapp.com/advisory/ntap-20220729-0004

support.apple.com/kb/HT213255

support.apple.com/kb/HT213256

support.apple.com/kb/HT213257

www.debian.org/security/2022/dsa-5111

www.openwall.com/lists/oss-security/2022/03/24/1

www.openwall.com/lists/oss-security/2022/03/28/1

www.openwall.com/lists/oss-security/2022/03/28/3

www.oracle.com/security-alerts/cpujul2022.html

0.003 Low

EPSS

Percentile

68.4%

Related for OSV:GHSA-JC36-42CF-VQWJ