CVE-2016-9842

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2016-9842
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-9842.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2016-9842
Aliases
Downstream
Related
Published
2017-05-23T04:29:01.837Z
Modified
2026-03-01T07:58:43.418101Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers.

References

Affected packages

Git / github.com/madler/zlib

Affected ranges

Type
GIT
Repo
https://github.com/madler/zlib
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
e54e1299404101a5a9d0cf5e45512b543967f958
Introduced
f6194ef39af5864f792412460c354cc339dde7d1
Fixed
2fa463bacfff79181df1a5270fb67cc679a53e71

Affected versions

v1.*
v1.2.3.4
v1.2.3.5
v1.2.3.6
v1.2.3.7
v1.2.3.8
v1.2.3.9
v1.2.4
v1.2.4-pre1
v1.2.4-pre2
v1.2.4.1
v1.2.4.2
v1.2.4.3
v1.2.4.4
v1.2.4.5
v1.2.5
v1.2.5.1
v1.2.5.2
v1.2.5.3
v1.2.6
v1.2.6.1
v1.2.7
v1.2.7.1
v1.2.7.2
v1.2.7.3
v1.2.8

Database specific

vanir_signatures 
[
    {
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "197951099598945818012665496059597381937",
                "218058564149337140627069730938953305528",
                "35461147203123204953544851692249115489",
                "21791617784595784373422247518836318906",
                "72931159308314729243247753659745241410",
                "146904977187427878309415323339916421278"
            ]
        },
        "source": "https://github.com/madler/zlib/commit/e54e1299404101a5a9d0cf5e45512b543967f958",
        "deprecated": false,
        "id": "CVE-2016-9842-3b57fccc",
        "signature_type": "Line",
        "target": {
            "file": "inflate.c"
        },
        "signature_version": "v1"
    },
    {
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "16120810892851687554789220157819832702",
                "131827276427891043182256510196340875300",
                "189513208101419307945534658579998871654",
                "212147175082612510136412243030409560140",
                "299085759267730258754641938507926344080",
                "138959356155413799645705262600700520329",
                "29752084737358720135606731688432604107",
                "166620327939650871483308933286046278470"
            ]
        },
        "source": "https://github.com/madler/zlib/commit/2fa463bacfff79181df1a5270fb67cc679a53e71",
        "deprecated": false,
        "id": "CVE-2016-9842-414fe37a",
        "signature_type": "Line",
        "target": {
            "file": "contrib/infback9/inftree9.c"
        },
        "signature_version": "v1"
    },
    {
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "33289512042373412906093149139436580830",
                "91426820839317131268716791780186008144",
                "194818944693421866592958753112657371532",
                "159668138545083466055711927804961193023",
                "255066741664144691720111386013603848817",
                "234232056215069776200927132383547217084",
                "295366361648995060731826038642910043574",
                "194364176202057146808626712171096427014"
            ]
        },
        "source": "https://github.com/madler/zlib/commit/2fa463bacfff79181df1a5270fb67cc679a53e71",
        "deprecated": false,
        "id": "CVE-2016-9842-7d837108",
        "signature_type": "Line",
        "target": {
            "file": "inftrees.c"
        },
        "signature_version": "v1"
    },
    {
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "173123370633123651154244949134281019542",
                "102273106005205754638040113472517884264",
                "235429814244466703824677965529538273675",
                "208303993750882978934021550073336842459",
                "97615609550968706431926448181519994863",
                "339118080829838946074693924107468946553",
                "80218173194119430334455345176075092856",
                "221115080022463896686917755184628890434",
                "220779142876063203106760351651649795828",
                "79972837918061490055760410628729165483",
                "29640572416293066614062894907893542972",
                "320836455951002542724053434768351830366",
                "278439570502606989562359642144711240921",
                "74969605840670941905966442808748242415",
                "136349982313411503433050181948921111059",
                "84828482625013498067679033752823325859",
                "218156909012989000717970859258362570251",
                "156120690550699675574548547437792604157",
                "174169894385923384555886757688589868129",
                "113887265610536653913694580851125688715",
                "322944331613534704823013669100696288875",
                "25052244974639821325585794070234606822",
                "38325901798038084643343130133098808807",
                "158002972493212489475769473812998149461",
                "292758423975469462340735089873782351214",
                "197319885884091558389402997168622303229",
                "273529858872929722013164257392580258347",
                "2188558013403878625577241987667171928",
                "227718873515223558132286010362181398299",
                "337146253929636158546926301773569599342",
                "276954032770302743552966193594550874576",
                "326215511158024088703961555581128655326",
                "243619819439693214143230160079414937501",
                "232483367442315974246589415647223061426",
                "260395415480728946097742438941645713965",
                "292290712618831869667048484348647386677",
                "191647618147979755276168823006196468103",
                "219013074033810971796049774630081821884",
                "205564429641538400226903564968255480612",
                "294498949750680192840586029840089044143",
                "183398131489758762038008857864289906980",
                "69378252258223222776676769656103498778",
                "150063933148831471523654235222726000523",
                "160919057829188140111342717977171904200",
                "113985210579133651988131412870508958926",
                "236797731968003545657916862894293146441"
            ]
        },
        "source": "https://github.com/madler/zlib/commit/2fa463bacfff79181df1a5270fb67cc679a53e71",
        "deprecated": false,
        "id": "CVE-2016-9842-877aa23a",
        "signature_type": "Line",
        "target": {
            "file": "zconf.h"
        },
        "signature_version": "v1"
    },
    {
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "241551680136109100503375360648810826978",
                "68187369923040033918172656615963607133",
                "297761764425146664349507739115654243055"
            ]
        },
        "source": "https://github.com/madler/zlib/commit/2fa463bacfff79181df1a5270fb67cc679a53e71",
        "deprecated": false,
        "id": "CVE-2016-9842-ebd0da57",
        "signature_type": "Line",
        "target": {
            "file": "deflate.c"
        },
        "signature_version": "v1"
    }
]
source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-9842.json"

Git / github.com/nodejs/node

Affected ranges

Type
GIT
Repo
https://github.com/nodejs/node
Events
Introduced
362fe010fe8f6feb0030e1e02c689b501e11ddb7
Fixed
bebda6df68c71f233a2ee212b2569ae6e70b48a9
Introduced
6b1c40be84fbe5ea404f25e4e340a0c1fe67a60a
Fixed
fbc9fded2fb4caa104e55146e6fa4fc2c3d11daf
Introduced
6dc12b1042d5d4727f77e8a1c5758dab91400069
Fixed
ea2ceac846abb279fd4d141bfe32fc4f7a6e30e0
Introduced
cf41627411886000429bde058a6594fb7f6d6d47
Fixed
ab4af087e83d91a46354d765306d3543b1d85423

Affected versions

v10.*
v10.0.0
v10.1.0
v10.10.0
v10.11.0
v10.12.0
v10.2.0
v10.2.1
v10.3.0
v10.4.0
v10.4.1
v10.5.0
v10.6.0
v10.7.0
v10.8.0
v10.9.0
v4.*
v4.2.0
v4.2.1
v4.2.2
v4.2.3
v4.2.4
v4.2.5
v4.2.6
v4.3.0
v4.3.1
v4.3.2
v4.4.0
v4.4.1
v4.4.2
v4.4.3
v4.4.4
v4.4.5
v4.4.6
v4.4.7
v4.5.0
v4.6.0
v4.6.1
v4.6.2
v4.7.0
v4.7.1
v4.7.2
v4.7.3
v4.8.0
v4.8.1
v6.*
v6.10.0
v6.10.1
v6.9.0
v6.9.1
v6.9.2
v6.9.3
v6.9.4
v6.9.5
v7.*
v7.0.0
v7.1.0
v7.2.0
v7.2.1
v7.3.0
v7.4.0
v7.5.0

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-9842.json"