Is security vulnerability CVE-2023-45853 fixed in version 4.0.3? #748

matthewferler · 2023-12-11T16:35:18Z

matthewferler
Dec 11, 2023

A partial description of CVE-2023-45853 is: MiniZip has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. I'm wondering if this has been fixed or is on a roadmap to be fixed. Thanks.

pmqs · 2023-12-11T16:54:08Z

pmqs
Dec 11, 2023

See #735

2 replies

matthewferler Dec 11, 2023
Author

Thank you!

Coeur May 9, 2025
Collaborator

Fixed in #743 (version 4.0.4).

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

Is security vulnerability CVE-2023-45853 fixed in version 4.0.3? #748

Uh oh!

{{title}}

Uh oh!

Replies: 1 comment 2 replies

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{title}}

Uh oh!

Select a reply

Uh oh!

Uh oh!

Is security vulnerability CVE-2023-45853 fixed in version 4.0.3? #748

Uh oh!

matthewferler Dec 11, 2023

Replies: 1 comment · 2 replies

Uh oh!

pmqs Dec 11, 2023

Uh oh!

matthewferler Dec 11, 2023 Author

Uh oh!

Coeur May 9, 2025 Collaborator

matthewferler
Dec 11, 2023

Replies: 1 comment 2 replies

pmqs
Dec 11, 2023

matthewferler Dec 11, 2023
Author

Coeur May 9, 2025
Collaborator