CVE-2022-37434

CRITICAL

zlib <= 1.2.12 - Heap-Based Buffer Overflow in inflate via Large Gzip Header Extra Field

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2022-37434. PoCs published by xen0bit, Trinadh465.

AI-analyzed exploit summary This repository contains a functional proof-of-concept exploit for CVE-2022-37434, a heap-based buffer over-read or overflow vulnerability in zlib's inflate function. The exploit crafts a malicious gzip header with an excessively large extra field to trigger the vulnerability.

Description

zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).

Exploits (2)

nomisec WORKING POC 3 stars
by xen0bit · poc
https://github.com/xen0bit/CVE-2022-37434_poc

This repository contains a functional proof-of-concept exploit for CVE-2022-37434, a heap-based buffer over-read or overflow vulnerability in zlib's inflate function. The exploit crafts a malicious gzip header with an excessively large extra field to trigger the vulnerability.

Classification
Working Poc 95%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: zlib through 1.2.12
No auth needed
Prerequisites: Application that calls inflateGetHeader
devstral-2 · analyzed Feb 18, 2026 Full analysis →
nomisec STUB
by Trinadh465 · poc
https://github.com/Trinadh465/external_zlib_CVE-2022-37434

The repository contains the standard zlib library source code without any exploit-specific modifications or proof-of-concept code for CVE-2022-37434. No exploit or vulnerability details are present.

Classification
Stub 90%
Attack Type
Other
Complexity
Trivial
Reliability
Theoretical
Target: zlib 1.2.8
No auth needed
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (27)

Core 27
Core References
Exploit, Issue Tracking, Third Party Advisory
https://github.com/curl/curl/issues/9271
Exploit, Third Party Advisory
https://github.com/ivd38/zlib_overflow
Mailing List, Third Party Advisory mailing-list
http://www.openwall.com/lists/oss-security/2022/08/05/2
Mailing List, Patch, Third Party Advisory mailing-list
http://www.openwall.com/lists/oss-security/2022/08/09/1
Third Party Advisory vendor-advisory
https://www.debian.org/security/2022/dsa-5218
Mailing List, Third Party Advisory mailing-list
https://lists.debian.org/debian-lts-announce/2022/09/msg00012.html
Mailing List, Third Party Advisory mailing-list
http://seclists.org/fulldisclosure/2022/Oct/41
Mailing List, Third Party Advisory mailing-list
http://seclists.org/fulldisclosure/2022/Oct/38
Mailing List, Third Party Advisory mailing-list
http://seclists.org/fulldisclosure/2022/Oct/37
Mailing List, Third Party Advisory mailing-list
http://seclists.org/fulldisclosure/2022/Oct/42

Scores

CVSS v3 9.8
EPSS 0.1593
EPSS Percentile 96.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact partial

Details

CWE
CWE-120 CWE-787
Status published
Products (20)
apple/ipados < 15.7.1
apple/iphone_os < 15.7.1
apple/macos 11.0 - 11.7.1
apple/watchos < 9.1
debian/debian_linux 10.0
fedoraproject/fedora 35
fedoraproject/fedora 36
fedoraproject/fedora 37
netapp/active_iq_unified_manager (2 CPE variants)
netapp/h300s_firmware
... and 10 more
Published Aug 05, 2022
Tracked Since Feb 18, 2026