Denial of Service (DoS) The advisory has been revoked - it doesn't affect any version of package zlib  (opens in a new tab)


Threat Intelligence

EPSS
4% (90th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
  • Snyk IDSNYK-CONAN-ZLIB-10078579
  • published8 May 2025
  • disclosed26 Jul 2005
  • creditUnknown

Introduced: 26 Jul 2005

CVE-2005-1849  (opens in a new tab)
CWE-400  (opens in a new tab)

Amendment

This was deemed not a vulnerability.

Overview

Affected versions of this package are vulnerable to Denial of Service (DoS) inftrees.h in zlib 1.2.2 allows remote attackers to cause a denial of service (application crash) via an invalid file that causes a large dynamic tree to be produced.