Known Vulnerabilities for products from Zlib
Listed below are 13 of the newest known vulnerabilities associated with the vendor "Zlib".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-40036 json | Not Provided | 2026-04-08 | 2026-04-11 | |
| CVE-2026-35469 json | Not Provided | 2026-04-16 | 2026-04-17 | |
| CVE-2026-27820 json | Not Provided | 2026-04-16 | 2026-04-16 | |
| CVE-2026-23943 json | Not Provided | 2026-03-13 | 2026-04-06 | |
| CVE-2026-6100 json | Not Provided | 2026-04-13 | 2026-04-14 | |
| CVE-2026-4176 json | Not Provided | 2026-03-29 | 2026-03-30 | |
| CVE-2023-45853 json | MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a... | 9.8 - CRITICAL | 2023-10-14 | 2024-01-24 |
| CVE-2022-37434 json | zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extr... | 9.8 - CRITICAL | 2022-08-05 | 2023-07-19 |
| CVE-2018-25032 json | zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches. | 7.5 - HIGH | 2022-03-25 | 2023-11-07 |
| CVE-2016-9843 json | The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vector... | 9.8 - CRITICAL | 2017-05-23 | 2023-11-07 |
| CVE-2016-9841 json | inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer ari... | 9.8 - CRITICAL | 2017-05-23 | 2023-11-07 |
| CVE-2016-9840 json | inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer ar... | 8.8 - HIGH | 2017-05-23 | 2023-11-07 |
| CVE-2015-1191 json | Multiple directory traversal vulnerabilities in pigz 2.3.1 allow remote attackers to write to arbitrary files via a (1) full ... | 5 - MEDIUM | 2015-01-21 | 2016-12-03 |
| CVE-2013-0296 json | Race condition in pigz before 2.2.5 uses permissions derived from the umask when compressing a file before setting that file'... | 4.4 - MEDIUM | 2014-04-27 | 2014-04-28 |
| CVE-2005-2096 json | zlib 1.2 and later versions allows remote attackers to cause a denial of service (crash) via a crafted compressed stream with... | Not Provided | 2005-07-06 | 2025-04-03 |
| CVE-2005-1849 json | inftrees.h in zlib 1.2.2 allows remote attackers to cause a denial of service (application crash) via an invalid file that ca... | Not Provided | 2005-07-26 | 2025-04-03 |
| CVE-2004-0797 json | The error handling in the (1) inflate and (2) inflateBack functions in ZLib compression library 1.2.x allows local users to c... | Not Provided | 2004-10-20 | 2025-04-03 |
| CVE-2003-0107 json | Buffer overflow in the gzprintf function in zlib 1.1.4, when zlib is compiled without vsnprintf or when long inputs are trunc... | Not Provided | 2003-03-07 | 2025-04-03 |
| CVE-2002-0059 json | The decompression algorithm in zlib 1.1.3 and earlier, as used in many different utilities and packages, causes inflateEnd to... | Not Provided | 2002-03-15 | 2025-04-03 |