Search for packages
| purl | pkg:deb/debian/libz-mingw-w64@1.2.13%2Bdfsg-1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-7sex-snjb-mbby |
CVE-2022-37434
|
|
| VCID-mtzw-nkcm-wfcn | Out-of-bounds Write in zlib affects Nokogiri ## Summary Nokogiri v1.13.4 updates the vendored zlib from 1.2.11 to 1.2.12, which addresses [CVE-2018-25032](https://nvd.nist.gov/vuln/detail/CVE-2018-25032). That CVE is scored as CVSS 7.4 "High" on the NVD record as of 2022-04-05. Please note that this advisory only applies to the CRuby implementation of Nokogiri `< 1.13.4`, and only if the packaged version of `zlib` is being used. Please see [this document](https://nokogiri.org/LICENSE-DEPENDENCIES.html#default-platform-release-ruby) for a complete description of which platform gems vendor `zlib`. If you've overridden defaults at installation time to use system libraries instead of packaged libraries, you should instead pay attention to your distro's `zlib` release announcements. ## Mitigation Upgrade to Nokogiri `>= v1.13.4`. ## Impact ### [CVE-2018-25032](https://nvd.nist.gov/vuln/detail/CVE-2018-25032) in zlib - **Severity**: High - **Type**: [CWE-787](https://cwe.mitre.org/data/definitions/787.html) Out of bounds write - **Description**: zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches. |
CVE-2018-25032
GHSA-jc36-42cf-vqwj GHSA-v6gp-9mmm-c6p5 GMS-2022-787 |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-08-01T12:48:57.729427+00:00 | Debian Importer | Fixing | VCID-7sex-snjb-mbby | https://security-tracker.debian.org/tracker/data/json | 37.0.0 |
| 2025-08-01T12:14:31.415990+00:00 | Debian Importer | Fixing | VCID-mtzw-nkcm-wfcn | https://security-tracker.debian.org/tracker/data/json | 37.0.0 |