OpenCVE

MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product. NOTE: pyminizip through 0.2.6 is also vulnerable because it bundles an affected zlib version, and exposes the applicable MiniZip code through its compress API.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Redhat	Jboss Core Services
Zlib	Zlib

Configuration 1 [-]

cpe:2.3:a:zlib:zlib:*:*:*:*:*:*:*:*

Package	CPE	Advisory	Released Date
Red Hat JBoss Core Services 1
zlib	cpe:/a:redhat:jboss_core_services:1	RHSA-2023:7626	2023-12-07T00:00:00Z

References

Link	Providers
http://www.openwall.com/lists/oss-security/2023/10/20/9
http://www.openwall.com/lists/oss-security/2024/01/24/10
https://chromium.googlesource.com/chromium/src/+/d709fb23806858847131027da95ef4c548813356
https://chromium.googlesource.com/chromium/src/+/de29dd6c7151d3cd37cb4cf0036800ddfb1d8b61
https://github.com/madler/zlib/blob/ac8f12c97d1afd9bafa9c710f827d40a407d3266/contrib/README.contrib#L1-L4
https://github.com/madler/zlib/pull/843
https://lists.debian.org/debian-lts-announce/2023/11/msg00026.html
https://nvd.nist.gov/vuln/detail/CVE-2023-45853
https://pypi.org/project/pyminizip/#history
https://security.gentoo.org/glsa/202401-18
https://security.netapp.com/advisory/ntap-20231130-0009/
https://www.cve.org/CVERecord?id=CVE-2023-45853
https://www.winimage.com/zLibDll/minizip.html

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2023-10-14T00:00:00

Updated: 2024-08-02T20:29:32.500Z

Reserved: 2023-10-14T00:00:00

Link: CVE-2023-45853

Vulnrichment

Updated: 2024-08-02T20:29:32.500Z

NVD

Status : Modified

Published: 2023-10-14T02:15:09.323

Modified: 2024-08-01T13:44:58.990

Link: CVE-2023-45853

Redhat

Severity : Moderate

Publid Date: 2023-10-14T00:00:00Z

Links: CVE-2023-45853 - Bugzilla

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2023-45853", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2024-08-02T20:29:32.500Z", "dateReserved": "2023-10-14T00:00:00", "datePublished": "2023-10-14T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-01-24T21:06:19.795482"}, "descriptions": [{"lang": "en", "value": "MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product. NOTE: pyminizip through 0.2.6 is also vulnerable because it bundles an affected zlib version, and exposes the applicable MiniZip code through its compress API."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://github.com/madler/zlib/pull/843"}, {"url": "https://www.winimage.com/zLibDll/minizip.html"}, {"url": "https://github.com/madler/zlib/blob/ac8f12c97d1afd9bafa9c710f827d40a407d3266/contrib/README.contrib#L1-L4"}, {"url": "https://chromium.googlesource.com/chromium/src/+/de29dd6c7151d3cd37cb4cf0036800ddfb1d8b61"}, {"url": "https://chromium.googlesource.com/chromium/src/+/d709fb23806858847131027da95ef4c548813356"}, {"name": "[oss-security] 20231020 CVE-2023-45853: overflows in MiniZip in zlib through 1.3", "tags": ["mailing-list"], "url": "http://www.openwall.com/lists/oss-security/2023/10/20/9"}, {"name": "[debian-lts-announce] 20231127 [SECURITY] [DLA 3670-1] minizip security update", "tags": ["mailing-list"], "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00026.html"}, {"url": "https://security.netapp.com/advisory/ntap-20231130-0009/"}, {"url": "https://pypi.org/project/pyminizip/#history"}, {"name": "GLSA-202401-18", "tags": ["vendor-advisory"], "url": "https://security.gentoo.org/glsa/202401-18"}, {"name": "[oss-security] 20240124 Re: CVE-2023-45853: overflows in MiniZip in zlib through 1.3", "tags": ["mailing-list"], "url": "http://www.openwall.com/lists/oss-security/2024/01/24/10"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-190", "lang": "en", "description": "CWE-190 Integer Overflow or Wraparound"}]}], "affected": [{"vendor": "zlib", "product": "zlib", "cpes": ["cpe:2.3:a:zlib:zlib:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "1.3", "versionType": "custom"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-07-19T03:55:37.318179Z", "id": "CVE-2023-45853", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-24T16:17:29.025Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T20:29:32.500Z"}, "title": "CVE Program Container", "references": [{"url": "https://github.com/madler/zlib/pull/843", "tags": ["x_transferred"]}, {"url": "https://www.winimage.com/zLibDll/minizip.html", "tags": ["x_transferred"]}, {"url": "https://github.com/madler/zlib/blob/ac8f12c97d1afd9bafa9c710f827d40a407d3266/contrib/README.contrib#L1-L4", "tags": ["x_transferred"]}, {"url": "https://chromium.googlesource.com/chromium/src/+/de29dd6c7151d3cd37cb4cf0036800ddfb1d8b61", "tags": ["x_transferred"]}, {"url": "https://chromium.googlesource.com/chromium/src/+/d709fb23806858847131027da95ef4c548813356", "tags": ["x_transferred"]}, {"name": "[oss-security] 20231020 CVE-2023-45853: overflows in MiniZip in zlib through 1.3", "tags": ["mailing-list", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2023/10/20/9"}, {"name": "[debian-lts-announce] 20231127 [SECURITY] [DLA 3670-1] minizip security update", "tags": ["mailing-list", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00026.html"}, {"url": "https://security.netapp.com/advisory/ntap-20231130-0009/", "tags": ["x_transferred"]}, {"url": "https://pypi.org/project/pyminizip/#history", "tags": ["x_transferred"]}, {"name": "GLSA-202401-18", "tags": ["vendor-advisory", "x_transferred"], "url": "https://security.gentoo.org/glsa/202401-18"}, {"name": "[oss-security] 20240124 Re: CVE-2023-45853: overflows in MiniZip in zlib through 1.3", "tags": ["mailing-list", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2024/01/24/10"}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/madler/zlib/pull/843", "tags": ["x_transferred"]}, {"url": "https://www.winimage.com/zLibDll/minizip.html", "tags": ["x_transferred"]}, {"url": "https://github.com/madler/zlib/blob/ac8f12c97d1afd9bafa9c710f827d40a407d3266/contrib/README.contrib#L1-L4", "tags": ["x_transferred"]}, {"url": "https://chromium.googlesource.com/chromium/src/+/de29dd6c7151d3cd37cb4cf0036800ddfb1d8b61", "tags": ["x_transferred"]}, {"url": "https://chromium.googlesource.com/chromium/src/+/d709fb23806858847131027da95ef4c548813356", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2023/10/20/9", "name": "[oss-security] 20231020 CVE-2023-45853: overflows in MiniZip in zlib through 1.3", "tags": ["mailing-list", "x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00026.html", "name": "[debian-lts-announce] 20231127 [SECURITY] [DLA 3670-1] minizip security update", "tags": ["mailing-list", "x_transferred"]}, {"url": "https://security.netapp.com/advisory/ntap-20231130-0009/", "tags": ["x_transferred"]}, {"url": "https://pypi.org/project/pyminizip/#history", "tags": ["x_transferred"]}, {"url": "https://security.gentoo.org/glsa/202401-18", "name": "GLSA-202401-18", "tags": ["vendor-advisory", "x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2024/01/24/10", "name": "[oss-security] 20240124 Re: CVE-2023-45853: overflows in MiniZip in zlib through 1.3", "tags": ["mailing-list", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T20:29:32.500Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2023-45853", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-07-19T03:55:37.318179Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:zlib:zlib:*:*:*:*:*:*:*:*"], "vendor": "zlib", "product": "zlib", "versions": [{"status": "affected", "version": "0", "lessThan": "1.3", "versionType": "custom"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-190", "description": "CWE-190 Integer Overflow or Wraparound"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-19T14:08:16.899Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://github.com/madler/zlib/pull/843"}, {"url": "https://www.winimage.com/zLibDll/minizip.html"}, {"url": "https://github.com/madler/zlib/blob/ac8f12c97d1afd9bafa9c710f827d40a407d3266/contrib/README.contrib#L1-L4"}, {"url": "https://chromium.googlesource.com/chromium/src/+/de29dd6c7151d3cd37cb4cf0036800ddfb1d8b61"}, {"url": "https://chromium.googlesource.com/chromium/src/+/d709fb23806858847131027da95ef4c548813356"}, {"url": "http://www.openwall.com/lists/oss-security/2023/10/20/9", "name": "[oss-security] 20231020 CVE-2023-45853: overflows in MiniZip in zlib through 1.3", "tags": ["mailing-list"]}, {"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00026.html", "name": "[debian-lts-announce] 20231127 [SECURITY] [DLA 3670-1] minizip security update", "tags": ["mailing-list"]}, {"url": "https://security.netapp.com/advisory/ntap-20231130-0009/"}, {"url": "https://pypi.org/project/pyminizip/#history"}, {"url": "https://security.gentoo.org/glsa/202401-18", "name": "GLSA-202401-18", "tags": ["vendor-advisory"]}, {"url": "http://www.openwall.com/lists/oss-security/2024/01/24/10", "name": "[oss-security] 20240124 Re: CVE-2023-45853: overflows in MiniZip in zlib through 1.3", "tags": ["mailing-list"]}], "descriptions": [{"lang": "en", "value": "MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product. NOTE: pyminizip through 0.2.6 is also vulnerable because it bundles an affected zlib version, and exposes the applicable MiniZip code through its compress API."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-01-24T21:06:19.795482"}}}, "cveMetadata": {"cveId": "CVE-2023-45853", "state": "PUBLISHED", "dateUpdated": "2024-08-02T20:29:32.500Z", "dateReserved": "2023-10-14T00:00:00", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2023-10-14T00:00:00", "assignerShortName": "mitre"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:zlib:zlib:*:*:*:*:*:*:*:*", "matchCriteriaId": "BCAD5846-089D-4749-88B4-20243BC19B29", "versionEndIncluding": "1.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product. NOTE: pyminizip through 0.2.6 is also vulnerable because it bundles an affected zlib version, and exposes the applicable MiniZip code through its compress API."}, {"lang": "es", "value": "MiniZip en zlib hasta 1.3 tiene un desbordamiento de enteros y un desbordamiento de b\u00fafer basado en mont\u00f3n resultante en zipOpenNewFileInZip4_64 a trav\u00e9s de un nombre de archivo largo, un comentario o un campo adicional. NOTA: MiniZip no es una parte compatible del producto zlib."}], "id": "CVE-2023-45853", "lastModified": "2024-08-01T13:44:58.990", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2023-10-14T02:15:09.323", "references": [{"source": "cve@mitre.org", "url": "http://www.openwall.com/lists/oss-security/2023/10/20/9"}, {"source": "cve@mitre.org", "url": "http://www.openwall.com/lists/oss-security/2024/01/24/10"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Patch"], "url": "https://chromium.googlesource.com/chromium/src/+/d709fb23806858847131027da95ef4c548813356"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Patch"], "url": "https://chromium.googlesource.com/chromium/src/+/de29dd6c7151d3cd37cb4cf0036800ddfb1d8b61"}, {"source": "cve@mitre.org", "tags": ["Product"], "url": "https://github.com/madler/zlib/blob/ac8f12c97d1afd9bafa9c710f827d40a407d3266/contrib/README.contrib#L1-L4"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Patch"], "url": "https://github.com/madler/zlib/pull/843"}, {"source": "cve@mitre.org", "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00026.html"}, {"source": "cve@mitre.org", "url": "https://pypi.org/project/pyminizip/#history"}, {"source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/202401-18"}, {"source": "cve@mitre.org", "url": "https://security.netapp.com/advisory/ntap-20231130-0009/"}, {"source": "cve@mitre.org", "tags": ["Product"], "url": "https://www.winimage.com/zLibDll/minizip.html"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-190"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-190"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2023:7626", "cpe": "cpe:/a:redhat:jboss_core_services:1", "package": "zlib", "product_name": "Red Hat JBoss Core Services 1", "release_date": "2023-12-07T00:00:00Z"}], "bugzilla": {"description": "zlib: integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_6", "id": "2244556", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2244556"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.3", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "status": "verified"}, "cwe": "CWE-190->CWE-122", "details": ["MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product. NOTE: pyminizip through 0.2.6 is also vulnerable because it bundles an affected zlib version, and exposes the applicable MiniZip code through its compress API.", "A flaw was found in the MiniZip component of the zlib package. When opening a new file, MiniZip doesn't properly validate the filename, comments, or extra fields length against the data type used to store this information. This may allow an attacker to craft a malicious ZIP file that will lead to an overflow on the length field. This value is further used in memory allocations and indexing, which can cause an out-of-bounds write, leading to heap corruption and possible arbitrary code execution."], "name": "CVE-2023-45853", "package_state": [{"cpe": "cpe:/a:redhat:logging:5", "fix_state": "Not affected", "package_name": "openshift-logging/kibana6-rhel8", "product_name": "Logging Subsystem for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:openjdk:11", "fix_state": "Will not fix", "package_name": "zlib", "product_name": "Red Hat build of OpenJDK 11"}, {"cpe": "cpe:/a:redhat:openjdk:17", "fix_state": "Affected", "package_name": "zlib", "product_name": "Red Hat build of OpenJDK 17"}, {"cpe": "cpe:/a:redhat:openjdk:1.8", "fix_state": "Will not fix", "package_name": "zlib", "product_name": "Red Hat build of OpenJDK 1.8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "zlib", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "zlib", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "zlib", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "zlib", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/a:redhat:openshift_gitops:1", "fix_state": "Not affected", "package_name": "openshift-gitops-1/argocd-rhel8", "product_name": "Red Hat OpenShift GitOps"}, {"cpe": "cpe:/a:redhat:openshift_gitops:1", "fix_state": "Not affected", "package_name": "openshift-gitops-1/argo-rollouts-rhel8", "product_name": "Red Hat OpenShift GitOps"}], "public_date": "2023-10-14T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-45853\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-45853"], "statement": "Red Hat Enterprise Linux default configuration doesn't expose zlib through any network services. Additionally, the user would need to be tricked into opening the crafted file from an attacker to be successful. The impact for Confidentiality, Integrity, and Availability is limited to the scope of the process and user privilege related to the victim, therefore, the impact is considered 'Low'.", "threat_severity": "Moderate"}