Updated: 2026-02-27 03:07:43.051527
Description:
zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.
| Links | NIST | CIRCL | RHEL | Ubuntu |
| Severity | Score | |
|---|---|---|
| CVSS Version 2.x | MEDIUM | 5.0 |
| CVSS Version 3.x | HIGH | 7.5 |
| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
|---|---|---|---|---|---|---|---|---|
| Ubuntu 16.04 ELS | python2.7 | 2.7.12 | 7.5 | HIGH | Not Vulnerable | 2024-04-25 22:00:40 | Not vulnerable: CVE-2018-25032 is a flaw in zlib’s deflate implementation (<1.2.12), not in minizi... | |
| Ubuntu 16.04 ELS | zlib | 1.2.8 | 7.5 | HIGH | Released | CLSA-2022:1649170583 | 2022-04-29 06:52:36 | Not vulnerable: CVE-2018-25032 is a flaw in zlib’s deflate implementation (<1.2.12), not in minizi... |
| Ubuntu 18.04 ELS | rsync | 3.1.2-2.1 | 7.5 | HIGH | Already Fixed | 2024-04-25 21:42:05 | ||
| Ubuntu 18.04 ELS | zlib | 1.2.11 | 7.5 | HIGH | Already Fixed | 2024-04-25 21:42:05 | ||
| Ubuntu 18.04 ELS | python2.7 | 2.7.17-1 | 7.5 | HIGH | Not Vulnerable | 2024-04-25 21:42:05 | ||
| Ubuntu 18.04 ELS | python3.6 | 3.6.9-1 | 7.5 | HIGH | Not Vulnerable | 2025-07-11 01:42:24 | ||
| Ubuntu 18.04 ELS | minizip | 1.1-8 | 7.5 | HIGH | Not Vulnerable | 2026-01-12 01:26:15 | ||
| Ubuntu 20.04 ELS | rsync | 3.1.3 | 7.5 | HIGH | Not Vulnerable | 2025-09-30 05:35:11 | Not affected — CVE-2018-25032 is a flaw in the zlib library’s deflate (compression) routine, fix... | |
| Ubuntu 20.04 ELS | zlib | 1.2.11.dfsg | 7.5 | HIGH | Already Fixed | 2025-09-30 05:35:13 | Not affected — CVE-2018-25032 is a flaw in the zlib library’s deflate (compression) routine, fix... |