CVE-2023-45853 - OpenCVE

MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product. NOTE: pyminizip through 0.2.6 is also vulnerable because it bundles an affected zlib version, and exposes the applicable MiniZip code through its compress API.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Zlib	Zlib

Configuration 1 [-]

cpe:2.3:a:zlib:zlib:*:*:*:*:*:*:*:*

References

Link	Resource
http://www.openwall.com/lists/oss-security/2023/10/20/9
http://www.openwall.com/lists/oss-security/2024/01/24/10
https://chromium.googlesource.com/chromium/src/+/d709fb23806858847131027da95ef4c548813356	Mailing List Patch
https://chromium.googlesource.com/chromium/src/+/de29dd6c7151d3cd37cb4cf0036800ddfb1d8b61	Mailing List Patch
https://github.com/madler/zlib/blob/ac8f12c97d1afd9bafa9c710f827d40a407d3266/contrib/README.contrib#L1-L4	Product
https://github.com/madler/zlib/pull/843	Issue Tracking Patch
https://lists.debian.org/debian-lts-announce/2023/11/msg00026.html
https://pypi.org/project/pyminizip/#history
https://security.gentoo.org/glsa/202401-18
https://security.netapp.com/advisory/ntap-20231130-0009/
https://www.winimage.com/zLibDll/minizip.html	Product

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2023-10-14T00:00:00

Updated: 2024-01-24T21:06:19.795482

Reserved: 2023-10-14T00:00:00

Link: CVE-2023-45853

JSON object: View

NVD Information

Status : Modified

Published: 2023-10-14T02:15:09.323

Modified: 2024-01-24T21:15:08.623

Link: CVE-2023-45853

JSON object: View

Redhat Information

No data.

CWE

CWE-190

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2023-45853", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2024-01-24T21:06:19.795482", "dateReserved": "2023-10-14T00:00:00", "datePublished": "2023-10-14T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-01-24T21:06:19.795482"}, "descriptions": [{"lang": "en", "value": "MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product. NOTE: pyminizip through 0.2.6 is also vulnerable because it bundles an affected zlib version, and exposes the applicable MiniZip code through its compress API."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://github.com/madler/zlib/pull/843"}, {"url": "https://www.winimage.com/zLibDll/minizip.html"}, {"url": "https://github.com/madler/zlib/blob/ac8f12c97d1afd9bafa9c710f827d40a407d3266/contrib/README.contrib#L1-L4"}, {"url": "https://chromium.googlesource.com/chromium/src/+/de29dd6c7151d3cd37cb4cf0036800ddfb1d8b61"}, {"url": "https://chromium.googlesource.com/chromium/src/+/d709fb23806858847131027da95ef4c548813356"}, {"name": "[oss-security] 20231020 CVE-2023-45853: overflows in MiniZip in zlib through 1.3", "tags": ["mailing-list"], "url": "http://www.openwall.com/lists/oss-security/2023/10/20/9"}, {"name": "[debian-lts-announce] 20231127 [SECURITY] [DLA 3670-1] minizip security update", "tags": ["mailing-list"], "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00026.html"}, {"url": "https://security.netapp.com/advisory/ntap-20231130-0009/"}, {"url": "https://pypi.org/project/pyminizip/#history"}, {"name": "GLSA-202401-18", "tags": ["vendor-advisory"], "url": "https://security.gentoo.org/glsa/202401-18"}, {"name": "[oss-security] 20240124 Re: CVE-2023-45853: overflows in MiniZip in zlib through 1.3", "tags": ["mailing-list"], "url": "http://www.openwall.com/lists/oss-security/2024/01/24/10"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:zlib:zlib:*:*:*:*:*:*:*:*", "matchCriteriaId": "BCAD5846-089D-4749-88B4-20243BC19B29", "versionEndIncluding": "1.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product. NOTE: pyminizip through 0.2.6 is also vulnerable because it bundles an affected zlib version, and exposes the applicable MiniZip code through its compress API."}, {"lang": "es", "value": "MiniZip en zlib hasta 1.3 tiene un desbordamiento de enteros y un desbordamiento de b\u00fafer basado en mont\u00f3n resultante en zipOpenNewFileInZip4_64 a trav\u00e9s de un nombre de archivo largo, un comentario o un campo adicional. NOTA: MiniZip no es una parte compatible del producto zlib."}], "id": "CVE-2023-45853", "lastModified": "2024-01-24T21:15:08.623", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-10-14T02:15:09.323", "references": [{"source": "cve@mitre.org", "url": "http://www.openwall.com/lists/oss-security/2023/10/20/9"}, {"source": "cve@mitre.org", "url": "http://www.openwall.com/lists/oss-security/2024/01/24/10"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Patch"], "url": "https://chromium.googlesource.com/chromium/src/+/d709fb23806858847131027da95ef4c548813356"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Patch"], "url": "https://chromium.googlesource.com/chromium/src/+/de29dd6c7151d3cd37cb4cf0036800ddfb1d8b61"}, {"source": "cve@mitre.org", "tags": ["Product"], "url": "https://github.com/madler/zlib/blob/ac8f12c97d1afd9bafa9c710f827d40a407d3266/contrib/README.contrib#L1-L4"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Patch"], "url": "https://github.com/madler/zlib/pull/843"}, {"source": "cve@mitre.org", "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00026.html"}, {"source": "cve@mitre.org", "url": "https://pypi.org/project/pyminizip/#history"}, {"source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/202401-18"}, {"source": "cve@mitre.org", "url": "https://security.netapp.com/advisory/ntap-20231130-0009/"}, {"source": "cve@mitre.org", "tags": ["Product"], "url": "https://www.winimage.com/zLibDll/minizip.html"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-190"}], "source": "nvd@nist.gov", "type": "Primary"}]}