cve/2023/CVE-2023-48106.md

### [CVE-2023-48106](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48106)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

Buffer Overflow vulnerability in zlib-ng minizip-ng v.4.0.2 allows an attacker to execute arbitrary code via a crafted file to the mz_path_resolve function in the mz_os.c file.

### POC

#### Reference
- https://github.com/zlib-ng/minizip-ng/issues/740

#### Github
- https://github.com/DiRaltvein/memory-corruption-examples
- https://github.com/fdu-sec/NestFuzz