is CVE-2022-37434 relevant for ODBC Driver for SQL Server?

Oliver C 0 Reputation points
2023-03-23T09:45:10.1633333+00:00

Hi,

our Black Duck Binary Analysis reported ODBC Driver for SQL Server as security risk as it contains zlib library version 1.2.11 which contains vulnerability described in CVE-2022-37434.

we would like to ask if this vulnerability is relevant for ODBC driver (if odbc driver uses inflateGetHeader call) and if it is relevant when we can expect new version of ODBC Driver for SQL Server with updated zlib to be released.

Regards,

Cernansky

SAP Business One Developer

Community Center | Not monitored
{count} votes

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.