is CVE-2022-37434 relevant for ODBC Driver for SQL Server?

Question

Hi,

our Black Duck Binary Analysis reported ODBC Driver for SQL Server as security risk as it contains zlib library version 1.2.11 which contains vulnerability described in CVE-2022-37434.

we would like to ask if this vulnerability is relevant for ODBC driver (if odbc driver uses inflateGetHeader call) and if it is relevant when we can expect new version of ODBC Driver for SQL Server with updated zlib to be released.

Regards,

Cernansky

SAP Business One Developer