Search for packages
Package details: pkg:deb/debian/zlib@1:1.2.11.dfsg-2
purl pkg:deb/debian/zlib@1:1.2.11.dfsg-2
Next non-vulnerable version 1:1.3.dfsg+really1.3.1-1
Latest non-vulnerable version 1:1.3.dfsg+really1.3.1-1
Risk 10.0
Vulnerabilities affecting this package (2)
Vulnerability Summary Fixed by
VCID-6ar6-xb8y-aaap
Aliases:
CVE-2022-37434
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).
1:1.2.11.dfsg-2+deb11u2
Affected by 1 other vulnerability.
VCID-v5mj-f96s-aaas
Aliases:
CVE-2018-25032
GHSA-jc36-42cf-vqwj
1:1.2.11.dfsg-2+deb11u2
Affected by 1 other vulnerability.
Vulnerabilities fixed by this package (2)
Vulnerability Summary Aliases
VCID-6ar6-xb8y-aaap zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference). CVE-2022-37434
VCID-t9z5-qvz6-aaam MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product. CVE-2023-45853
GHSA-mq29-j5xf-cjwr

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-22T01:35:57.260412+00:00 Debian Importer Fixing VCID-t9z5-qvz6-aaam None 36.1.3
2025-06-21T19:09:31.718706+00:00 Debian Importer Fixing VCID-6ar6-xb8y-aaap None 36.1.3
2025-06-21T15:24:12.987077+00:00 Debian Oval Importer Fixing VCID-6ar6-xb8y-aaap https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T05:06:29.927945+00:00 Debian Importer Fixing VCID-t9z5-qvz6-aaam https://security-tracker.debian.org/tracker/data/json 36.1.3
2025-06-21T05:02:58.765156+00:00 Debian Oval Importer Affected by VCID-v5mj-f96s-aaas None 36.1.3
2025-06-21T04:34:43.330060+00:00 Debian Oval Importer Affected by VCID-6ar6-xb8y-aaap None 36.1.3
2025-06-21T01:20:20.566578+00:00 Debian Oval Importer Fixing VCID-6ar6-xb8y-aaap None 36.1.3
2025-06-08T13:00:07.534123+00:00 Debian Oval Importer Affected by VCID-6ar6-xb8y-aaap https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T12:54:43.494083+00:00 Debian Oval Importer Affected by VCID-v5mj-f96s-aaas https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T08:18:45.947304+00:00 Debian Oval Importer Fixing VCID-6ar6-xb8y-aaap https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-07T22:40:25.210206+00:00 Debian Oval Importer Affected by VCID-v5mj-f96s-aaas None 36.1.0
2025-06-07T22:11:15.668810+00:00 Debian Oval Importer Affected by VCID-6ar6-xb8y-aaap None 36.1.0
2025-06-07T18:43:07.478608+00:00 Debian Oval Importer Fixing VCID-6ar6-xb8y-aaap None 36.1.0
2025-04-12T18:47:29.435391+00:00 Debian Oval Importer Affected by VCID-6ar6-xb8y-aaap https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T18:41:54.860239+00:00 Debian Oval Importer Affected by VCID-v5mj-f96s-aaas https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-08T06:50:06.968808+00:00 Debian Oval Importer Fixing VCID-6ar6-xb8y-aaap https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-07T21:12:08.073813+00:00 Debian Oval Importer Affected by VCID-v5mj-f96s-aaas None 36.0.0
2025-04-07T20:42:44.288630+00:00 Debian Oval Importer Affected by VCID-6ar6-xb8y-aaap None 36.0.0
2025-04-07T17:20:56.032027+00:00 Debian Oval Importer Fixing VCID-6ar6-xb8y-aaap None 36.0.0
2025-04-05T20:22:18.315341+00:00 Debian Importer Fixing VCID-t9z5-qvz6-aaam None 36.0.0
2025-04-05T15:19:32.785018+00:00 Debian Importer Fixing VCID-6ar6-xb8y-aaap None 36.0.0
2025-04-04T07:55:54.500737+00:00 Debian Importer Fixing VCID-t9z5-qvz6-aaam https://security-tracker.debian.org/tracker/data/json 36.0.0
2025-02-21T14:20:00.266586+00:00 Debian Importer Fixing VCID-t9z5-qvz6-aaam None 35.1.0
2025-02-21T14:19:58.069562+00:00 Debian Importer Fixing VCID-t9z5-qvz6-aaam https://security-tracker.debian.org/tracker/data/json 35.1.0
2025-02-21T01:25:52.354077+00:00 Debian Importer Fixing VCID-6ar6-xb8y-aaap None 35.1.0
2024-04-26T05:48:39.975859+00:00 Debian Importer Fixing VCID-t9z5-qvz6-aaam None 34.0.0rc4
2024-04-26T05:48:39.064242+00:00 Debian Importer Fixing VCID-t9z5-qvz6-aaam https://security-tracker.debian.org/tracker/data/json 34.0.0rc4
2024-04-25T19:12:24.671866+00:00 Debian Importer Fixing VCID-6ar6-xb8y-aaap None 34.0.0rc4
2024-01-12T00:54:25.812859+00:00 Debian Importer Fixing VCID-6ar6-xb8y-aaap None 34.0.0rc2
2024-01-05T04:23:40.395508+00:00 Debian Importer Fixing VCID-6ar6-xb8y-aaap None 34.0.0rc1