VYPR
High severityNVD Advisory· Published Jan 10, 2023· Updated Apr 7, 2025

CVE-2023-22895

CVE-2023-22895

Description

The bzip2 crate before 0.4.4 for Rust allow attackers to cause a denial of service via a large file that triggers an integer overflow in mem.rs. NOTE: this is unrelated to the https://crates.io/crates/bzip2-rs product.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
bzip2crates.io
< 0.4.40.4.4

Affected products

5

Patches

Vulnerability mechanics

References

12

News mentions

0

No linked articles in our index yet.