Description
MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product. NOTE: pyminizip through 0.2.6 is also vulnerable because it bundles an affected zlib version, and exposes the applicable MiniZip code through its compress API.
References (11)
Core 11
Core References
Mailing List, Patch
https://chromium.googlesource.com/chromium/src/+/d709fb23806858847131027da95ef4c548813356
Mailing List, Patch
https://chromium.googlesource.com/chromium/src/+/de29dd6c7151d3cd37cb4cf0036800ddfb1d8b61
Issue Tracking, Patch
https://github.com/madler/zlib/pull/843
Release Notes
https://pypi.org/project/pyminizip/#history
Third Party Advisory
https://security.netapp.com/advisory/ntap-20231130-0009/
Mailing List mailing-list
http://www.openwall.com/lists/oss-security/2023/10/20/9
Mailing List, Third Party Advisory mailing-list
https://lists.debian.org/debian-lts-announce/2023/11/msg00026.html
Third Party Advisory vendor-advisory
https://security.gentoo.org/glsa/202401-18
Mailing List mailing-list
http://www.openwall.com/lists/oss-security/2024/01/24/10
Scores
CVSS v3
9.8
EPSS
0.0129
EPSS Percentile
79.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-190
Status
published
Products (3)
pypi/pyminizip
0PyPI
smihica/pyminizip
< 0.2.6
zlib/zlib
< 1.3.1
Published
Oct 14, 2023
Tracked Since
Feb 18, 2026