This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Revenera Community
- :
- FlexNet Publisher
- :
- FlexNet Publisher Knowledge Base
- :
- Vulnerability : CVE-2022-37434
Subscribe
- Mark as New
- Mark as Read
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
Vulnerability : CVE-2022-37434
Vulnerability : CVE-2022-37434
NVD: 2022/08/05 - CVSS v3.1
Base Score: 9.8:
Description:
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field.
NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference)
The zlib third party is not directly used by FNP. It comes with Thales dongle support .
CVE-2022-37434 does not impact FNP directly .
The zlib will be upgraded to latest in Thales 8.5 LDK version which is planned for release in Oct 2022.
No ratings