CVE advisoryCRITICAL
CVE-2023-45853
MiniZip Heap Overflow Vulnerability in zlib and pyminizip.
Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.
A vulnerability in zlib's MiniZip component allows for an integer overflow and heap-based buffer overflow via crafted filenames, comments, or extra fields. This could impact the integrity and availability of services processing zip files. Uncertainty exists regarding specific product versions affected and direct exploi