VulnerableCode Package Details - pkg:apk/alpine/zlib@0?arch=x86&distroversion=v3.23&reponame=main

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:apk/alpine/zlib@0?arch=x86&distroversion=v3.23&reponame=main

purl	pkg:apk/alpine/zlib@0?arch=x86&distroversion=v3.23&reponame=main

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (2)

Vulnerability	Summary	Aliases
VCID-fvf6-q2at-vfd3	Cloudflare version of zlib library was found to be vulnerable to memory corruption issues affecting the deflation algorithm implementation (deflate.c). The issues resulted from improper input validation and heap-based buffer overflow. A local attacker could exploit the problem during compression using a crafted malicious file potentially leading to denial of service of the software. Patches: The issue has been patched in commit 8352d10 https://github.com/cloudflare/zlib/commit/8352d108c05db1bdc5ac3bdf834dad641694c13c . The upstream repository is not affected.	CVE-2023-6992
VCID-v6pc-48dg-4kad	Integer Overflow or Wraparound MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product.	CVE-2023-45853 GHSA-mq29-j5xf-cjwr

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-03T17:51:43.719791+00:00	Alpine Linux Importer	Fixing	VCID-v6pc-48dg-4kad	https://secdb.alpinelinux.org/v3.23/main.json	38.1.0
2026-04-01T19:07:39.433424+00:00	Alpine Linux Importer	Fixing	VCID-fvf6-q2at-vfd3	https://secdb.alpinelinux.org/v3.23/main.json	38.0.0