cve/2018/CVE-2018-25032.md

### [CVE-2018-25032](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.

### POC

#### Reference
- https://github.com/madler/zlib/issues/605
- https://github.com/madler/zlib/issues/605
- https://www.oracle.com/security-alerts/cpujul2022.html
- https://www.oracle.com/security-alerts/cpujul2022.html

#### Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/NathanielAPawluk/sec-buddy
- https://github.com/Satheesh575555/external_zlib-1.2.7_CVE-2018-25032
- https://github.com/Trinadh465/external_zlib_4.4_CVE-2018-25032
- https://github.com/Trinadh465/external_zlib_AOSP10_r33_CVE-2018-25032
- https://github.com/Webb-L/reptileIndexOfProject
- https://github.com/ZipArchive/ZipArchive
- https://github.com/chainguard-dev/zlib-patch-demo
- https://github.com/gatecheckdev/gatecheck
- https://github.com/isgo-golgo13/gokit-gorillakit-enginesvc
- https://github.com/mario206/UnityReleaseNotes-latest
- https://github.com/yeforriak/snyk-to-cve