Denial of Service (DoS) The advisory has been revoked - it doesn't affect any version of package zlib  (opens in a new tab)


Threat Intelligence

EPSS
5.48% (92nd percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
  • Snyk IDSNYK-CONAN-ZLIB-10078580
  • published8 May 2025
  • disclosed6 Jul 2005
  • creditUnknown

Introduced: 6 Jul 2005

CVE-2005-2096  (opens in a new tab)
CWE-400  (opens in a new tab)

Amendment

This was deemed not a vulnerability.

Overview

Affected versions of this package are vulnerable to Denial of Service (DoS) zlib 1.2 and later versions allows remote attackers to cause a denial of service (crash) via a crafted compressed stream with an incomplete code description of a length greater than 1, which leads to a buffer overflow, as demonstrated using a crafted PNG file.