mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-06 02:31:38 +00:00
2.3 KiB
2.3 KiB
CVE-2022-37434
Description
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).
POC
Reference
- http://seclists.org/fulldisclosure/2022/Oct/37
- http://seclists.org/fulldisclosure/2022/Oct/38
- http://seclists.org/fulldisclosure/2022/Oct/41
- http://seclists.org/fulldisclosure/2022/Oct/42
- https://github.com/ivd38/zlib_overflow
Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/FairwindsOps/bif
- https://github.com/JtMotoX/docker-trivy
- https://github.com/NaInSec/CVE-PoC-in-GitHub
- https://github.com/RenderKit/openvkl
- https://github.com/SYRTI/POC_to_review
- https://github.com/Trinadh465/external_zlib_CVE-2022-37434
- https://github.com/WhooAmii/POC_to_review
- https://github.com/a23au/awe-base-images
- https://github.com/adegoodyer/kubernetes-admin-toolkit
- https://github.com/adegoodyer/ubuntu
- https://github.com/bollwarm/SecToolSet
- https://github.com/fivexl/aws-ecr-client-golang
- https://github.com/isgo-golgo13/gokit-gorillakit-enginesvc
- https://github.com/ivd38/zlib_overflow
- https://github.com/k0mi-tg/CVE-POC
- https://github.com/karimhabush/cyberowl
- https://github.com/manas3c/CVE-POC
- https://github.com/maxim12z/ECommerce
- https://github.com/neo9/fluentd
- https://github.com/nidhi7598/external_zlib-1.2.11_AOSP_10_r33_CVE-2022-37434
- https://github.com/nidhi7598/external_zlib-1.2.7_CVE-2022-37434
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/openvkl/openvkl
- https://github.com/stkcat/awe-base-images
- https://github.com/teresaweber685/book_list
- https://github.com/trhacknon/Pocingit
- https://github.com/vulnersCom/vulners-sbom-parser
- https://github.com/whoforget/CVE-POC
- https://github.com/xen0bit/CVE-2022-37434_poc
- https://github.com/youwizard/CVE-POC
- https://github.com/zecool/cve