/
DirectorySecurity Advisories
Sign In
Security Advisories

CVE-2023-45853

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2023-45853

CGA ID

CGA-jq67-276v-crw8

Severity

Unknown

Description

MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product. NOTE: pyminizip through 0.2.6 is also vulnerable because it bundles an affected zlib version, and exposes the applicable MiniZip code through its compress API.

References

Affected packages


Safe Source for Open Sourceâ„¢
Media KitContact Us
© 2025 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Products

Chainguard ContainersChainguard LibrariesChainguard VMs