CVE-2020-18770 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2020-18770 Interim 1 12 2025-08-14T01:32:21Z current 2023-08-28T23:50:52Z 2025-08-14T01:32:21Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2020-18770 An issue was discovered in function zzip_disk_entry_to_file_header in mmapped.c in zziplib 0.13.69, which will lead to a denial-of-service. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.suse.com/pipermail/sle-security-updates/2024-March/018196.html E-Mail link for SUSE-SU-2024:0961-1 https://lists.suse.com/pipermail/sle-security-updates/2024-March/018191.html E-Mail link for SUSE-SU-2024:0970-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Liberty Linux 8 SUSE Liberty Linux 9 SUSE Linux Enterprise Module for Basesystem 15 SP5 SUSE Linux Enterprise Module for Basesystem 15 SP6 SUSE Linux Enterprise Module for Basesystem 15 SP7 SUSE Linux Enterprise Module for Basesystem 15 SP5 SUSE Linux Enterprise Module for Basesystem 15 SP6 SUSE Linux Enterprise Module for Basesystem 15 SP7 SUSE Linux Enterprise Software Development Kit 12 SP5 SUSE Linux Enterprise Workstation Extension 12 SP5 SUSE Linux Enterprise Server 15 SP4-TERADATA SUSE Linux Enterprise Module for Basesystem 15 SP5 SUSE Linux Enterprise Module for Basesystem 15 SP6 SUSE Linux Enterprise Module for Basesystem 15 SP7 SUSE Linux Enterprise Software Development Kit 12 SP5 SUSE Linux Enterprise Workstation Extension 12 SP5 SUSE Linux Enterprise Module for Basesystem 15 SP5 SUSE Linux Enterprise Module for Basesystem 15 SP6 SUSE Linux Enterprise Module for Basesystem 15 SP7 openSUSE Leap 15.5 openSUSE Tumbleweed libzzip-0-13-0.13.67-10.36.1 libzzip-0-13-0.13.69-150000.3.17.1 libzzip-0-13-0.13.72-150600.2.2 libzzip-0-13-0.13.72-3.1 libzzip-0-13-0.13.78-150700.1.5 libzzip-0-13-32bit-0.13.69-150000.3.17.1 libzzip-0-13-32bit-0.13.72-3.1 zziplib-0.13.68-13.el8_10 zziplib-0.13.71-11.el9_4 zziplib-devel-0.13.67-10.36.1 zziplib-devel-0.13.68-13.el8_10 zziplib-devel-0.13.69-150000.3.17.1 zziplib-devel-0.13.71-11.el9_4 zziplib-devel-0.13.72-150600.2.2 zziplib-devel-0.13.72-3.1 zziplib-devel-0.13.78-150700.1.5 zziplib-devel-32bit-0.13.69-150000.3.17.1 zziplib-devel-32bit-0.13.72-3.1 zziplib-utils-0.13.68-13.el8_10 zziplib-utils-0.13.71-11.el9_4 zziplib-0.13.68-13.el8_10 as a component of SUSE Liberty Linux 8 zziplib-devel-0.13.68-13.el8_10 as a component of SUSE Liberty Linux 8 zziplib-utils-0.13.68-13.el8_10 as a component of SUSE Liberty Linux 8 zziplib-0.13.71-11.el9_4 as a component of SUSE Liberty Linux 9 zziplib-devel-0.13.71-11.el9_4 as a component of SUSE Liberty Linux 9 zziplib-utils-0.13.71-11.el9_4 as a component of SUSE Liberty Linux 9 libzzip-0-13-0.13.69-150000.3.17.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP5 zziplib-devel-0.13.69-150000.3.17.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP5 libzzip-0-13-0.13.72-150600.2.2 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP6 zziplib-devel-0.13.72-150600.2.2 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP6 libzzip-0-13-0.13.78-150700.1.5 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP7 zziplib-devel-0.13.78-150700.1.5 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP7 libzzip-0-13-0.13.69-150000.3.17.1 as a component of SUSE Linux Enterprise Server 15 SP4-TERADATA zziplib-devel-0.13.69-150000.3.17.1 as a component of SUSE Linux Enterprise Server 15 SP4-TERADATA libzzip-0-13-0.13.67-10.36.1 as a component of SUSE Linux Enterprise Software Development Kit 12 SP5 zziplib-devel-0.13.67-10.36.1 as a component of SUSE Linux Enterprise Software Development Kit 12 SP5 libzzip-0-13-0.13.67-10.36.1 as a component of SUSE Linux Enterprise Workstation Extension 12 SP5 libzzip-0-13-0.13.69-150000.3.17.1 as a component of openSUSE Leap 15.5 libzzip-0-13-32bit-0.13.69-150000.3.17.1 as a component of openSUSE Leap 15.5 zziplib-devel-0.13.69-150000.3.17.1 as a component of openSUSE Leap 15.5 zziplib-devel-32bit-0.13.69-150000.3.17.1 as a component of openSUSE Leap 15.5 libzzip-0-13-0.13.72-3.1 as a component of openSUSE Tumbleweed libzzip-0-13-32bit-0.13.72-3.1 as a component of openSUSE Tumbleweed zziplib-devel-0.13.72-3.1 as a component of openSUSE Tumbleweed zziplib-devel-32bit-0.13.72-3.1 as a component of openSUSE Tumbleweed An issue was discovered in function zzip_disk_entry_to_file_header in mmapped.c in zziplib 0.13.69, which will lead to a denial-of-service. CVE-2020-18770 SUSE Liberty Linux 8:zziplib-0.13.68-13.el8_10 SUSE Liberty Linux 8:zziplib-devel-0.13.68-13.el8_10 SUSE Liberty Linux 8:zziplib-utils-0.13.68-13.el8_10 SUSE Liberty Linux 9:zziplib-0.13.71-11.el9_4 SUSE Liberty Linux 9:zziplib-devel-0.13.71-11.el9_4 SUSE Liberty Linux 9:zziplib-utils-0.13.71-11.el9_4 SUSE Linux Enterprise Module for Basesystem 15 SP5:libzzip-0-13-0.13.69-150000.3.17.1 SUSE Linux Enterprise Module for Basesystem 15 SP5:zziplib-devel-0.13.69-150000.3.17.1 SUSE Linux Enterprise Module for Basesystem 15 SP6:libzzip-0-13-0.13.72-150600.2.2 SUSE Linux Enterprise Module for Basesystem 15 SP6:zziplib-devel-0.13.72-150600.2.2 SUSE Linux Enterprise Module for Basesystem 15 SP7:libzzip-0-13-0.13.78-150700.1.5 SUSE Linux Enterprise Module for Basesystem 15 SP7:zziplib-devel-0.13.78-150700.1.5 SUSE Linux Enterprise Server 15 SP4-TERADATA:libzzip-0-13-0.13.69-150000.3.17.1 SUSE Linux Enterprise Server 15 SP4-TERADATA:zziplib-devel-0.13.69-150000.3.17.1 SUSE Linux Enterprise Software Development Kit 12 SP5:libzzip-0-13-0.13.67-10.36.1 SUSE Linux Enterprise Software Development Kit 12 SP5:zziplib-devel-0.13.67-10.36.1 SUSE Linux Enterprise Workstation Extension 12 SP5:libzzip-0-13-0.13.67-10.36.1 openSUSE Leap 15.5:libzzip-0-13-0.13.69-150000.3.17.1 openSUSE Leap 15.5:libzzip-0-13-32bit-0.13.69-150000.3.17.1 openSUSE Leap 15.5:zziplib-devel-0.13.69-150000.3.17.1 openSUSE Leap 15.5:zziplib-devel-32bit-0.13.69-150000.3.17.1 openSUSE Tumbleweed:libzzip-0-13-0.13.72-3.1 openSUSE Tumbleweed:libzzip-0-13-32bit-0.13.72-3.1 openSUSE Tumbleweed:zziplib-devel-0.13.72-3.1 openSUSE Tumbleweed:zziplib-devel-32bit-0.13.72-3.1 low 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L