CVE
CVE-2022-37434
| CVE ID |
CVE-2022-37434
|
|---|---|
| CVSS Score |
9.8
|
| Operating System | |
| Affected Versions |
CentOS 6
|
| Patched Versions |
1.2.3-29_ol001.el6
|
| Patch Date |
|
Additional Information
NVD Listing: https://nvd.nist.gov/vuln/detail/CVE-2022-37434
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).