{"api_version":"1","generated_at":"2026-04-21T14:08:35+00:00","cve":"CVE-2022-37434","urls":{"html":"https://cve.report/CVE-2022-37434","api":"https://cve.report/api/cve/CVE-2022-37434.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2022-37434","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2022-37434"},"summary":{"title":"CVE-2022-37434","description":"zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2022-08-05 07:15:00","updated_at":"2023-07-19 00:56:00"},"problem_types":["CWE-787"],"metrics":[],"references":[{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5U7OTKZSHY2I3ZFJSR2SHFHW72RKGDK/","name":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5U7OTKZSHY2I3ZFJSR2SHFHW72RKGDK/","refsource":"MISC","tags":[],"title":"[SECURITY] Fedora 37 Update: zlib-1.2.12-5.fc37 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://seclists.org/fulldisclosure/2022/Oct/41","name":"20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13","refsource":"FULLDISC","tags":[],"title":"Full Disclosure: APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAVPQNCG3XRLCLNSQRM3KAN5ZFMVXVTY/","name":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAVPQNCG3XRLCLNSQRM3KAN5ZFMVXVTY/","refsource":"MISC","tags":[],"title":"[SECURITY] Fedora 35 Update: zlib-1.2.11-32.fc35 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWN4VE3JQR4O2SOUS5TXNLANRPMHWV4I/","name":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWN4VE3JQR4O2SOUS5TXNLANRPMHWV4I/","refsource":"MISC","tags":[],"title":"[SECURITY] Fedora 36 Update: zlib-1.2.11-33.fc36 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://github.com/ivd38/zlib_overflow","name":"https://github.com/ivd38/zlib_overflow","refsource":"MISC","tags":[],"title":"GitHub - ivd38/zlib_overflow: Program to trigger zlib 1.2.12 buffer overflow","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAVPQNCG3XRLCLNSQRM3KAN5ZFMVXVTY/","name":"FEDORA-2022-0b517a5397","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 35 Update: zlib-1.2.11-32.fc35 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://seclists.org/fulldisclosure/2022/Oct/37","name":"http://seclists.org/fulldisclosure/2022/Oct/37","refsource":"MISC","tags":[],"title":"Full Disclosure: APPLE-SA-2022-10-27-1 iOS 15.7.1 and iPadOS 15.7.1","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://github.com/madler/zlib/blob/21767c654d31d2dccdde4330529775c6c5fd5389/zlib.h#L1062-L1063","name":"https://github.com/madler/zlib/blob/21767c654d31d2dccdde4330529775c6c5fd5389/zlib.h#L1062-L1063","refsource":"MISC","tags":[],"title":"zlib/zlib.h at 21767c654d31d2dccdde4330529775c6c5fd5389 · madler/zlib · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRQAI7H4M4RQZ2IWZUEEXECBE5D56BH2/","name":"FEDORA-2022-25e4dbedf9","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 36 Update: rsync-3.2.5-1.fc36 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://github.com/curl/curl/issues/9271","name":"https://github.com/curl/curl/issues/9271","refsource":"MISC","tags":[],"title":"Test 224 fails with CVE-2022-37434 patched zlib · Issue #9271 · curl/curl · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NMBOJ77A7T7PQCARMDUK75TE6LLESZ3O/","name":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NMBOJ77A7T7PQCARMDUK75TE6LLESZ3O/","refsource":"MISC","tags":[],"title":"[SECURITY] Fedora 35 Update: rsync-3.2.5-1.fc35 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://support.apple.com/kb/HT213488","name":"https://support.apple.com/kb/HT213488","refsource":"CONFIRM","tags":[],"title":"About the security content of macOS Ventura 13 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://security.netapp.com/advisory/ntap-20220901-0005/","name":"https://security.netapp.com/advisory/ntap-20220901-0005/","refsource":"CONFIRM","tags":[],"title":"CVE-2022-37434 Zlib Vulnerability in NetApp Products | NetApp Product Security","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://seclists.org/fulldisclosure/2022/Oct/38","name":"http://seclists.org/fulldisclosure/2022/Oct/38","refsource":"MISC","tags":[],"title":"Full Disclosure: APPLE-SA-2022-10-27-2 Additional information for APPLE-SA-2022-10-24-1 iOS 16.1 and iPadOS 16","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://security.netapp.com/advisory/ntap-20230427-0007/","name":"https://security.netapp.com/advisory/ntap-20230427-0007/","refsource":"MISC","tags":[],"title":"April 2023 MySQL Server Vulnerabilities in NetApp Products | NetApp Product Security","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.debian.org/debian-lts-announce/2022/09/msg00012.html","name":"[debian-lts-announce] 20220912 [SECURITY] [DLA 3103-1] zlib security update","refsource":"MLIST","tags":[],"title":"[SECURITY] [DLA 3103-1] zlib security update","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://seclists.org/fulldisclosure/2022/Oct/42","name":"http://seclists.org/fulldisclosure/2022/Oct/42","refsource":"MISC","tags":[],"title":"Full Disclosure: APPLE-SA-2022-10-27-6 Additional information for APPLE-SA-2022-10-24-3 macOS Monterey 12.6.1","mime":"text/html","httpstatus":"-1","archivestatus":"200"},{"url":"https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1","name":"https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1","refsource":"MISC","tags":[],"title":"Fix a bug when getting a gzip header extra field with inflate(). · madler/zlib@eff308a · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://support.apple.com/kb/HT213489","name":"https://support.apple.com/kb/HT213489","refsource":"CONFIRM","tags":[],"title":"About the security content of iOS 16.1 and iPadOS 16 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NMBOJ77A7T7PQCARMDUK75TE6LLESZ3O/","name":"FEDORA-2022-15da0cf165","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 35 Update: rsync-3.2.5-1.fc35 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://www.openwall.com/lists/oss-security/2022/08/05/2","name":"[oss-security] 20220805 zlib buffer overflow","refsource":"MLIST","tags":[],"title":"oss-security - zlib buffer overflow","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://support.apple.com/kb/HT213493","name":"https://support.apple.com/kb/HT213493","refsource":"CONFIRM","tags":[],"title":"About the security content of macOS Big Sur 11.7.1 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://support.apple.com/kb/HT213494","name":"https://support.apple.com/kb/HT213494","refsource":"CONFIRM","tags":[],"title":"About the security content of macOS Monterey 12.6.1 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://github.com/nodejs/node/blob/75b68c6e4db515f76df73af476eccf382bbcb00a/deps/zlib/inflate.c#L762-L764","name":"https://github.com/nodejs/node/blob/75b68c6e4db515f76df73af476eccf382bbcb00a/deps/zlib/inflate.c#L762-L764","refsource":"MISC","tags":[],"title":"node/inflate.c at 75b68c6e4db515f76df73af476eccf382bbcb00a · nodejs/node · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YRQAI7H4M4RQZ2IWZUEEXECBE5D56BH2/","name":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YRQAI7H4M4RQZ2IWZUEEXECBE5D56BH2/","refsource":"MISC","tags":[],"title":"[SECURITY] Fedora 36 Update: rsync-3.2.5-1.fc36 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JWN4VE3JQR4O2SOUS5TXNLANRPMHWV4I/","name":"FEDORA-2022-b8232d1cca","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 36 Update: zlib-1.2.11-33.fc36 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://www.openwall.com/lists/oss-security/2022/08/09/1","name":"[oss-security] 20220808 Re: zlib buffer overflow","refsource":"MLIST","tags":[],"title":"oss-security - Re: zlib buffer overflow","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X5U7OTKZSHY2I3ZFJSR2SHFHW72RKGDK/","name":"FEDORA-2022-3c28ae0cd8","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 37 Update: zlib-1.2.12-5.fc37 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.debian.org/security/2022/dsa-5218","name":"DSA-5218","refsource":"DEBIAN","tags":[],"title":"Debian -- Security Information -- DSA-5218-1 zlib","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://support.apple.com/kb/HT213491","name":"https://support.apple.com/kb/HT213491","refsource":"CONFIRM","tags":[],"title":"About the security content of watchOS 9.1 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://support.apple.com/kb/HT213490","name":"https://support.apple.com/kb/HT213490","refsource":"CONFIRM","tags":[],"title":"About the security content of iOS 15.7.1 and iPadOS 15.7.1 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2022-37434","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-37434","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2022","cve_id":"37434","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"ipados","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"37434","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"ipad_os","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"37434","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"iphone_os","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"37434","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"macos","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"37434","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"watchos","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"37434","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"10.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"37434","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"35","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"37434","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"36","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"37434","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"37","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"37434","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"active_iq_unified_manager","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"vmware_vsphere","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"37434","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"active_iq_unified_manager","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"windows","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"37434","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"netapp","cpe5":"h300s","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"37434","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"netapp","cpe5":"h300s_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"37434","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"netapp","cpe5":"h500s","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"37434","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"netapp","cpe5":"h500s_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"37434","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"netapp","cpe5":"h700s","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"37434","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"netapp","cpe5":"h700s_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"37434","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"hci","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"37434","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"netapp","cpe5":"hci_compute_node","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"37434","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"management_services_for_element_software","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"37434","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"oncommand_workflow_automation","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"37434","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"ontap_select_deploy_administration_utility","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"37434","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"storagegrid","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"37434","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"stormshield","cpe5":"stormshield_network_security","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"37434","vulnerable":"1","versionEndIncluding":"1.2.12","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"zlib","cpe5":"zlib","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2022-37434","qid":"160175","title":"Oracle Enterprise Linux Security Update for zlib (ELSA-2022-7106)"},{"cve":"CVE-2022-37434","qid":"160195","title":"Oracle Enterprise Linux Security Update for zlib (ELSA-2022-7314)"},{"cve":"CVE-2022-37434","qid":"160204","title":"Oracle Enterprise Linux Security Update for zlib (ELSA-2022-9987)"},{"cve":"CVE-2022-37434","qid":"160205","title":"Oracle Enterprise Linux Security Update for zlib (ELSA-2022-9988)"},{"cve":"CVE-2022-37434","qid":"160252","title":"Oracle Enterprise Linux Security Update for rsync security and enhancement update (ELSA-2022-7793)"},{"cve":"CVE-2022-37434","qid":"160264","title":"Oracle Enterprise Linux Security Update for rsync (ELSA-2022-8291)"},{"cve":"CVE-2022-37434","qid":"160496","title":"Oracle Enterprise Linux Security Update for zlib (ELSA-2023-1095)"},{"cve":"CVE-2022-37434","qid":"180965","title":"Debian Security Update for zlib (DSA 5218-1)"},{"cve":"CVE-2022-37434","qid":"181046","title":"Debian Security Update for zlib (DLA 3103-1)"},{"cve":"CVE-2022-37434","qid":"184903","title":"Debian Security Update for zliblibz-mingw-w64 (CVE-2022-37434)"},{"cve":"CVE-2022-37434","qid":"198903","title":"Ubuntu Security Notification for zlib Vulnerability (USN-5570-1)"},{"cve":"CVE-2022-37434","qid":"198905","title":"Ubuntu Security Notification for rsync Vulnerability (USN-5573-1)"},{"cve":"CVE-2022-37434","qid":"198991","title":"Ubuntu Security Notification for zlib Vulnerability (USN-5570-2)"},{"cve":"CVE-2022-37434","qid":"20344","title":"Oracle MySQL April 2023 Critical Patch Update (CPUAPR2023)"},{"cve":"CVE-2022-37434","qid":"20389","title":"IBM DB2 Multiple Vulnerabilities (7087162)"},{"cve":"CVE-2022-37434","qid":"240779","title":"Red Hat Update for zlib (RHSA-2022:7106)"},{"cve":"CVE-2022-37434","qid":"240809","title":"Red Hat Update for zlib (RHSA-2022:7314)"},{"cve":"CVE-2022-37434","qid":"240827","title":"Red Hat Update for rsync (RHSA-2022:7793)"},{"cve":"CVE-2022-37434","qid":"240908","title":"Red Hat Update for rsync (RHSA-2022:8291)"},{"cve":"CVE-2022-37434","qid":"241242","title":"Red Hat Update for zlib (RHSA-2023:1095)"},{"cve":"CVE-2022-37434","qid":"242697","title":"Red Hat Update for rsync (RHSA-2024:0254)"},{"cve":"CVE-2022-37434","qid":"257227","title":"CentOS Security Update for zlib (CESA-2023:1095)"},{"cve":"CVE-2022-37434","qid":"283050","title":"Fedora Security Update for rsync (FEDORA-2022-25e4dbedf9)"},{"cve":"CVE-2022-37434","qid":"283075","title":"Fedora Security Update for rsync (FEDORA-2022-15da0cf165)"},{"cve":"CVE-2022-37434","qid":"283082","title":"Fedora Security Update for zlib (FEDORA-2022-b8232d1cca)"},{"cve":"CVE-2022-37434","qid":"283123","title":"Fedora Security Update for zlib (FEDORA-2022-0b517a5397)"},{"cve":"CVE-2022-37434","qid":"296084","title":"Oracle Solaris 11.4 Support Repository Update (SRU) 50.126.3 Missing (CPUOCT2022)"},{"cve":"CVE-2022-37434","qid":"330143","title":"IBM AIX Denial of Service (DoS) due to zlib and zlibNX (zlib_advisory2)"},{"cve":"CVE-2022-37434","qid":"354068","title":"Amazon Linux Security Advisory for zlib : ALAS2-2022-1849"},{"cve":"CVE-2022-37434","qid":"354259","title":"Amazon Linux Security Advisory for zlib : ALAS-2022-1650"},{"cve":"CVE-2022-37434","qid":"354390","title":"Amazon Linux Security Advisory for rsync : ALAS2022-2022-158"},{"cve":"CVE-2022-37434","qid":"354392","title":"Amazon Linux Security Advisory for zlib : ALAS2022-2022-252"},{"cve":"CVE-2022-37434","qid":"354438","title":"Amazon Linux Security Advisory for rsync : ALAS2022-2022-148"},{"cve":"CVE-2022-37434","qid":"354551","title":"Amazon Linux Security Advisory for zlib : ALAS-2022-252"},{"cve":"CVE-2022-37434","qid":"355132","title":"Amazon Linux Security Advisory for zlib : ALAS2023-2023-003"},{"cve":"CVE-2022-37434","qid":"355190","title":"Amazon Linux Security Advisory for rsync : ALAS2023-2023-002"},{"cve":"CVE-2022-37434","qid":"355384","title":"Amazon Linux Security Advisory for rsync : ALAS2-2023-2074"},{"cve":"CVE-2022-37434","qid":"377897","title":"Alibaba Cloud Linux Security Update for rsync security and enhancement update (moderate) (ALINUX3-SA-2023:0005)"},{"cve":"CVE-2022-37434","qid":"377909","title":"Oracle PeopleSoft Enterprise PeopleTools Product Multiple Vulnerabilities (CPUJAN2023)"},{"cve":"CVE-2022-37434","qid":"378117","title":"Alibaba Cloud Linux Security Update for zlib (ALINUX2-SA-2023:0015)"},{"cve":"CVE-2022-37434","qid":"378433","title":"Oracle Hypertext Transfer Protocol Server (HTTP Server) Server Multiple Vulnerabilities (CPUAPR2023)"},{"cve":"CVE-2022-37434","qid":"378599","title":"Splunk Enterprise Third Party Package Updates for June (SVD-2023-0613)"},{"cve":"CVE-2022-37434","qid":"502475","title":"Alpine Linux Security Update for zlib"},{"cve":"CVE-2022-37434","qid":"502976","title":"Alpine Linux Security Update for zlib-ng"},{"cve":"CVE-2022-37434","qid":"503674","title":"Alpine Linux Security Update for zlib"},{"cve":"CVE-2022-37434","qid":"505843","title":"Alpine Linux Security Update for zlib-ng"},{"cve":"CVE-2022-37434","qid":"505979","title":"Alpine Linux Security Update for zlib"},{"cve":"CVE-2022-37434","qid":"591311","title":"Bosch Rexroth PRA-ES8P2S Ethernet-Switch Multiple Vulnerabilities (BOSCH-SA-247053-BT)"},{"cve":"CVE-2022-37434","qid":"610440","title":"Apple iOS 15.7.1 and iPadOS 15.7.1 Security Update Missing"},{"cve":"CVE-2022-37434","qid":"610441","title":"Apple iOS 16.1 and iPadOS 16 Security Update Missing"},{"cve":"CVE-2022-37434","qid":"6140119","title":"AWS Bottlerocket Security Update for libz (GHSA-w5mr-8397-m99w)"},{"cve":"CVE-2022-37434","qid":"672199","title":"EulerOS Security Update for zlib (EulerOS-SA-2022-2485)"},{"cve":"CVE-2022-37434","qid":"672222","title":"EulerOS Security Update for zlib (EulerOS-SA-2022-2641)"},{"cve":"CVE-2022-37434","qid":"672259","title":"EulerOS Security Update for sudo (EulerOS-SA-2022-2701)"},{"cve":"CVE-2022-37434","qid":"672276","title":"EulerOS Security Update for mariadb-connector-c (EulerOS-SA-2022-2691)"},{"cve":"CVE-2022-37434","qid":"672283","title":"EulerOS Security Update for mariadb-connector-c (EulerOS-SA-2022-2659)"},{"cve":"CVE-2022-37434","qid":"672293","title":"EulerOS Security Update for zlib (EulerOS-SA-2022-2673)"},{"cve":"CVE-2022-37434","qid":"672299","title":"EulerOS Security Update for rsync (EulerOS-SA-2022-2664)"},{"cve":"CVE-2022-37434","qid":"672301","title":"EulerOS Security Update for sudo (EulerOS-SA-2022-2669)"},{"cve":"CVE-2022-37434","qid":"672303","title":"EulerOS Security Update for zlib (EulerOS-SA-2022-2705)"},{"cve":"CVE-2022-37434","qid":"672316","title":"EulerOS Security Update for rsync (EulerOS-SA-2022-2696)"},{"cve":"CVE-2022-37434","qid":"672317","title":"EulerOS Security Update for zlib (EulerOS-SA-2022-2715)"},{"cve":"CVE-2022-37434","qid":"672339","title":"EulerOS Security Update for mariadb-connector-c (EulerOS-SA-2022-2771)"},{"cve":"CVE-2022-37434","qid":"672359","title":"EulerOS Security Update for zlib (EulerOS-SA-2022-2787)"},{"cve":"CVE-2022-37434","qid":"672360","title":"EulerOS Security Update for zlib (EulerOS-SA-2022-2752)"},{"cve":"CVE-2022-37434","qid":"672372","title":"EulerOS Security Update for rsync (EulerOS-SA-2022-2777)"},{"cve":"CVE-2022-37434","qid":"672376","title":"EulerOS Security Update for deltarpm (EulerOS-SA-2022-2723)"},{"cve":"CVE-2022-37434","qid":"672379","title":"EulerOS Security Update for deltarpm (EulerOS-SA-2022-2758)"},{"cve":"CVE-2022-37434","qid":"672381","title":"EulerOS Security Update for mariadb-connector-c (EulerOS-SA-2022-2736)"},{"cve":"CVE-2022-37434","qid":"672394","title":"EulerOS Security Update for rsync (EulerOS-SA-2022-2742)"},{"cve":"CVE-2022-37434","qid":"672438","title":"EulerOS Security Update for deltarpm (EulerOS-SA-2022-2841)"},{"cve":"CVE-2022-37434","qid":"672469","title":"EulerOS Security Update for deltarpm (EulerOS-SA-2022-2816)"},{"cve":"CVE-2022-37434","qid":"672530","title":"EulerOS Security Update for binutils (EulerOS-SA-2023-1094)"},{"cve":"CVE-2022-37434","qid":"672548","title":"EulerOS Security Update for binutils (EulerOS-SA-2023-1118)"},{"cve":"CVE-2022-37434","qid":"672666","title":"EulerOS Security Update for binutils (EulerOS-SA-2023-1349)"},{"cve":"CVE-2022-37434","qid":"672667","title":"EulerOS Security Update for binutils (EulerOS-SA-2023-1377)"},{"cve":"CVE-2022-37434","qid":"672681","title":"EulerOS Security Update for binutils (EulerOS-SA-2023-1420)"},{"cve":"CVE-2022-37434","qid":"672685","title":"EulerOS Security Update for binutils (EulerOS-SA-2023-1405)"},{"cve":"CVE-2022-37434","qid":"690930","title":"Free Berkeley Software Distribution (FreeBSD) Security Update for Free Berkeley Software Distribution (FreeBSD) (a1323a76-28f1-11ed-a72a-002590c1f29c)"},{"cve":"CVE-2022-37434","qid":"691150","title":"Free Berkeley Software Distribution (FreeBSD) Security Update for mysql (f504a8d2-e105-11ed-85f6-84a93843eb75)"},{"cve":"CVE-2022-37434","qid":"710671","title":"Gentoo Linux zlib Multiple Vulnerabilities (GLSA 202210-42)"},{"cve":"CVE-2022-37434","qid":"752485","title":"SUSE Enterprise Linux Security Update for zlib (SUSE-SU-2022:2847-1)"},{"cve":"CVE-2022-37434","qid":"752487","title":"SUSE Enterprise Linux Security Update for zlib (SUSE-SU-2022:2846-1)"},{"cve":"CVE-2022-37434","qid":"752523","title":"SUSE Enterprise Linux Security Update for zlib (SUSE-SU-2022:2947-1)"},{"cve":"CVE-2022-37434","qid":"902669","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for zlib (10473)"},{"cve":"CVE-2022-37434","qid":"902672","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for zlib (10470)"},{"cve":"CVE-2022-37434","qid":"903714","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for zlib (10473-1)"},{"cve":"CVE-2022-37434","qid":"903898","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for zlib (10470-1)"},{"cve":"CVE-2022-37434","qid":"904813","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for python2 (12413)"},{"cve":"CVE-2022-37434","qid":"904832","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for tcl (12451)"},{"cve":"CVE-2022-37434","qid":"904840","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for cloud-hypervisor (12304)"},{"cve":"CVE-2022-37434","qid":"904869","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for boost (12301)"},{"cve":"CVE-2022-37434","qid":"904872","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for cmake (12305)"},{"cve":"CVE-2022-37434","qid":"904880","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for gdb (12333)"},{"cve":"CVE-2022-37434","qid":"904888","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for mariadb (12362)"},{"cve":"CVE-2022-37434","qid":"904889","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for grpc (12344)"},{"cve":"CVE-2022-37434","qid":"904899","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for mozjs60 (12370)"},{"cve":"CVE-2022-37434","qid":"904902","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for rust (12442)"},{"cve":"CVE-2022-37434","qid":"904911","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for binutils (12299)"},{"cve":"CVE-2022-37434","qid":"904912","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for qt5-qtbase (12415)"},{"cve":"CVE-2022-37434","qid":"904914","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for mysql (12382)"},{"cve":"CVE-2022-37434","qid":"904915","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for nmap (12394)"},{"cve":"CVE-2022-37434","qid":"904943","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for erlang (12323)"},{"cve":"CVE-2022-37434","qid":"904946","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for openjdk8 (12405)"},{"cve":"CVE-2022-37434","qid":"904952","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for ccache (12302)"},{"cve":"CVE-2022-37434","qid":"904959","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for gcc (12332)"},{"cve":"CVE-2022-37434","qid":"904971","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for syslinux (12445)"},{"cve":"CVE-2022-37434","qid":"904972","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for nss (12396)"},{"cve":"CVE-2022-37434","qid":"904979","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for erlang (12483)"},{"cve":"CVE-2022-37434","qid":"904983","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for binutils (12461)"},{"cve":"CVE-2022-37434","qid":"904987","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for cloud-hypervisor (12464)"},{"cve":"CVE-2022-37434","qid":"904996","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for qt5-qtbase (12612)"},{"cve":"CVE-2022-37434","qid":"904998","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for nss (12599)"},{"cve":"CVE-2022-37434","qid":"905027","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for syslinux (12655)"},{"cve":"CVE-2022-37434","qid":"905029","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for mariadb-connector-c (12564)"},{"cve":"CVE-2022-37434","qid":"905032","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for nmap (12595)"},{"cve":"CVE-2022-37434","qid":"905034","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for tcl (12656)"},{"cve":"CVE-2022-37434","qid":"905044","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for grpc (12492)"},{"cve":"CVE-2022-37434","qid":"905059","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for boost (12462)"},{"cve":"CVE-2022-37434","qid":"905081","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for cmake (12473)"},{"cve":"CVE-2022-37434","qid":"905094","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for gdb (12487)"},{"cve":"CVE-2022-37434","qid":"905097","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for mariadb (12562)"},{"cve":"CVE-2022-37434","qid":"905101","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for crash (12481)"},{"cve":"CVE-2022-37434","qid":"905104","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for rust (12633)"},{"cve":"CVE-2022-37434","qid":"905129","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for rubygem-mini_portile2 (12632)"},{"cve":"CVE-2022-37434","qid":"905132","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for mysql (12571)"},{"cve":"CVE-2022-37434","qid":"905152","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for gcc (12486)"},{"cve":"CVE-2022-37434","qid":"940715","title":"AlmaLinux Security Update for zlib (ALSA-2022:7106)"},{"cve":"CVE-2022-37434","qid":"940724","title":"AlmaLinux Security Update for zlib (ALSA-2022:7314)"},{"cve":"CVE-2022-37434","qid":"940733","title":"AlmaLinux Security Update for rsync (ALSA-2022:7793)"},{"cve":"CVE-2022-37434","qid":"940803","title":"AlmaLinux Security Update for rsync (ALSA-2022:8291)"},{"cve":"CVE-2022-37434","qid":"960237","title":"Rocky Linux Security Update for zlib (RLSA-2022:7106)"},{"cve":"CVE-2022-37434","qid":"960550","title":"Rocky Linux Security Update for rsync (RLSA-2022:8291)"},{"cve":"CVE-2022-37434","qid":"960554","title":"Rocky Linux Security Update for zlib (RLSA-2022:7314)"},{"cve":"CVE-2022-37434","qid":"960606","title":"Rocky Linux Security Update for rsync (RLSA-2022:7793)"}]},"source_records":{"cve_program":{"data_version":"4.0","data_type":"CVE","data_format":"MITRE","CVE_data_meta":{"ID":"CVE-2022-37434","ASSIGNER":"cve@mitre.org","STATE":"PUBLIC"},"description":{"description_data":[{"lang":"eng","value":"zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference)."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"affects":{"vendor":{"vendor_data":[{"vendor_name":"n/a","product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"versions":[{"version":"n/a","status":"unknown"}]}}]}}]}}]}},"references":{"reference_data":[{"url":"https://github.com/ivd38/zlib_overflow","refsource":"MISC","name":"https://github.com/ivd38/zlib_overflow"},{"url":"https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1","refsource":"MISC","name":"https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1"},{"url":"https://github.com/madler/zlib/blob/21767c654d31d2dccdde4330529775c6c5fd5389/zlib.h#L1062-L1063","refsource":"MISC","name":"https://github.com/madler/zlib/blob/21767c654d31d2dccdde4330529775c6c5fd5389/zlib.h#L1062-L1063"},{"url":"https://github.com/nodejs/node/blob/75b68c6e4db515f76df73af476eccf382bbcb00a/deps/zlib/inflate.c#L762-L764","refsource":"MISC","name":"https://github.com/nodejs/node/blob/75b68c6e4db515f76df73af476eccf382bbcb00a/deps/zlib/inflate.c#L762-L764"},{"url":"http://www.openwall.com/lists/oss-security/2022/08/05/2","refsource":"MISC","name":"http://www.openwall.com/lists/oss-security/2022/08/05/2"},{"url":"https://github.com/curl/curl/issues/9271","refsource":"MISC","name":"https://github.com/curl/curl/issues/9271"},{"url":"http://www.openwall.com/lists/oss-security/2022/08/09/1","refsource":"MISC","name":"http://www.openwall.com/lists/oss-security/2022/08/09/1"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YRQAI7H4M4RQZ2IWZUEEXECBE5D56BH2/","refsource":"MISC","name":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YRQAI7H4M4RQZ2IWZUEEXECBE5D56BH2/"},{"url":"https://www.debian.org/security/2022/dsa-5218","refsource":"MISC","name":"https://www.debian.org/security/2022/dsa-5218"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NMBOJ77A7T7PQCARMDUK75TE6LLESZ3O/","refsource":"MISC","name":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NMBOJ77A7T7PQCARMDUK75TE6LLESZ3O/"},{"url":"https://security.netapp.com/advisory/ntap-20220901-0005/","refsource":"MISC","name":"https://security.netapp.com/advisory/ntap-20220901-0005/"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWN4VE3JQR4O2SOUS5TXNLANRPMHWV4I/","refsource":"MISC","name":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWN4VE3JQR4O2SOUS5TXNLANRPMHWV4I/"},{"url":"https://lists.debian.org/debian-lts-announce/2022/09/msg00012.html","refsource":"MISC","name":"https://lists.debian.org/debian-lts-announce/2022/09/msg00012.html"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5U7OTKZSHY2I3ZFJSR2SHFHW72RKGDK/","refsource":"MISC","name":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5U7OTKZSHY2I3ZFJSR2SHFHW72RKGDK/"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAVPQNCG3XRLCLNSQRM3KAN5ZFMVXVTY/","refsource":"MISC","name":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAVPQNCG3XRLCLNSQRM3KAN5ZFMVXVTY/"},{"url":"https://support.apple.com/kb/HT213489","refsource":"MISC","name":"https://support.apple.com/kb/HT213489"},{"url":"https://support.apple.com/kb/HT213488","refsource":"MISC","name":"https://support.apple.com/kb/HT213488"},{"url":"https://support.apple.com/kb/HT213494","refsource":"MISC","name":"https://support.apple.com/kb/HT213494"},{"url":"https://support.apple.com/kb/HT213493","refsource":"MISC","name":"https://support.apple.com/kb/HT213493"},{"url":"https://support.apple.com/kb/HT213491","refsource":"MISC","name":"https://support.apple.com/kb/HT213491"},{"url":"https://support.apple.com/kb/HT213490","refsource":"MISC","name":"https://support.apple.com/kb/HT213490"},{"url":"http://seclists.org/fulldisclosure/2022/Oct/41","refsource":"MISC","name":"http://seclists.org/fulldisclosure/2022/Oct/41"},{"url":"http://seclists.org/fulldisclosure/2022/Oct/38","refsource":"MISC","name":"http://seclists.org/fulldisclosure/2022/Oct/38"},{"url":"http://seclists.org/fulldisclosure/2022/Oct/37","refsource":"MISC","name":"http://seclists.org/fulldisclosure/2022/Oct/37"},{"url":"http://seclists.org/fulldisclosure/2022/Oct/42","refsource":"MISC","name":"http://seclists.org/fulldisclosure/2022/Oct/42"},{"url":"https://security.netapp.com/advisory/ntap-20230427-0007/","refsource":"MISC","name":"https://security.netapp.com/advisory/ntap-20230427-0007/"}]}},"nvd":{"publishedDate":"2022-08-05 07:15:00","lastModifiedDate":"2023-07-19 00:56:00","problem_types":["CWE-787"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":9.8,"baseSeverity":"CRITICAL"},"exploitabilityScore":3.9,"impactScore":5.9}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:zlib:zlib:*:*:*:*:*:*:*:*","versionEndIncluding":"1.2.12","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netapp:storagegrid:-:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netapp:hci:-:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netapp:management_services_for_element_software:-:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]},{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]},{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]},{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*","versionStartIncluding":"11.0","versionEndExcluding":"11.7.1","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","versionStartIncluding":"16.0","versionEndExcluding":"16.1","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*","versionEndExcluding":"9.1","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*","versionStartIncluding":"12.0.0","versionEndExcluding":"12.6.1","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","versionEndExcluding":"15.7.1","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*","versionEndExcluding":"15.7.1","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*","versionStartIncluding":"4.6.0","versionEndExcluding":"4.6.3","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*","versionStartIncluding":"4.3.0","versionEndExcluding":"4.3.16","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*","versionStartIncluding":"3.11.0","versionEndExcluding":"3.11.22","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*","versionStartIncluding":"3.7.31","versionEndExcluding":"3.7.34","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}