bzip3
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-29421 | Hig | 0.57 | 8.8 | 0.01 | Apr 6, 2023 | An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is an out-of-bounds write in bz3_decode_block. | ||
| CVE-2023-29417 | Med | 0.42 | 6.5 | 0.01 | Apr 6, 2023 | An issue was discovered in libbzip3.a in bzip3 1.2.2. There is a bz3_decompress out-of-bounds read in certain situations where buffers passed to bzip3 do not contain enough space to be filled with decompressed data. NOTE: the vendor's perspective is that the observed behavior… | ||
| CVE-2023-29418 | Med | 0.00 | 6.5 | 0.01 | Apr 6, 2023 | An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is an xwrite out-of-bounds read. | ||
| CVE-2023-29416 | Med | 0.00 | 6.5 | 0.01 | Apr 6, 2023 | An issue was discovered in libbzip3.a in bzip3 before 1.3.0. A bz3_decode_block out-of-bounds write can occur with a crafted archive because bzip3 does not follow the required procedure for interacting with libsais. |
- risk 0.57cvss 8.8epss 0.01
An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is an out-of-bounds write in bz3_decode_block.
- risk 0.42cvss 6.5epss 0.01
An issue was discovered in libbzip3.a in bzip3 1.2.2. There is a bz3_decompress out-of-bounds read in certain situations where buffers passed to bzip3 do not contain enough space to be filled with decompressed data. NOTE: the vendor's perspective is that the observed behavior…
- risk 0.00cvss 6.5epss 0.01
An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is an xwrite out-of-bounds read.
- risk 0.00cvss 6.5epss 0.01
An issue was discovered in libbzip3.a in bzip3 before 1.3.0. A bz3_decode_block out-of-bounds write can occur with a crafted archive because bzip3 does not follow the required procedure for interacting with libsais.