Blosc
Products
1- 7 CVEs
Recent CVEs
7| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-3204 | Hig | 0.48 | 7.3 | 0.01 | Apr 2, 2024 | A vulnerability has been found in c-blosc2 up to 2.13.2 and classified as critical. Affected by this vulnerability is the function ndlz4_decompress of the file /src/c-blosc2/plugins/codecs/ndlz/ndlz4x4.c. The manipulation leads to heap-based buffer overflow. The attack can be… | ||
| CVE-2024-3203 | Hig | 0.48 | 7.3 | 0.01 | Apr 2, 2024 | A vulnerability, which was classified as critical, was found in c-blosc2 up to 2.13.2. Affected is the function ndlz8_decompress of the file /src/c-blosc2/plugins/codecs/ndlz/ndlz8x8.c. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack… | ||
| CVE-2025-29476 | Med | 0.36 | 5.5 | 0.00 | Apr 4, 2025 | Buffer Overflow vulnerability in compress_chunk_fuzzer with oss-fuzz on commit 16450518afddcb3139de627157208e49bfef6987 in c-blosc2 v.2.17.0 and before. | ||
| CVE-2023-37188 | Hig | 0.00 | 7.5 | 0.01 | Dec 25, 2023 | C-blosc2 before 2.9.3 was discovered to contain a NULL pointer dereference via the function zfp_rate_decompress at zfp/blosc2-zfp.c. | ||
| CVE-2023-37187 | Hig | 0.00 | 7.5 | 0.01 | Dec 25, 2023 | C-blosc2 before 2.9.3 was discovered to contain a NULL pointer dereference via the zfp/blosc2-zfp.c zfp_acc_decompress. function. | ||
| CVE-2023-37186 | Hig | 0.00 | 7.5 | 0.01 | Dec 25, 2023 | C-blosc2 before 2.9.3 was discovered to contain a NULL pointer dereference in ndlz/ndlz8x8.c via a NULL pointer to memset. | ||
| CVE-2023-37185 | Hig | 0.00 | 7.5 | 0.01 | Dec 25, 2023 | C-blosc2 before 2.9.3 was discovered to contain a NULL pointer dereference via the function zfp_prec_decompress at zfp/blosc2-zfp.c. |
- risk 0.48cvss 7.3epss 0.01
A vulnerability has been found in c-blosc2 up to 2.13.2 and classified as critical. Affected by this vulnerability is the function ndlz4_decompress of the file /src/c-blosc2/plugins/codecs/ndlz/ndlz4x4.c. The manipulation leads to heap-based buffer overflow. The attack can be…
- risk 0.48cvss 7.3epss 0.01
A vulnerability, which was classified as critical, was found in c-blosc2 up to 2.13.2. Affected is the function ndlz8_decompress of the file /src/c-blosc2/plugins/codecs/ndlz/ndlz8x8.c. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack…
- risk 0.36cvss 5.5epss 0.00
Buffer Overflow vulnerability in compress_chunk_fuzzer with oss-fuzz on commit 16450518afddcb3139de627157208e49bfef6987 in c-blosc2 v.2.17.0 and before.
- risk 0.00cvss 7.5epss 0.01
C-blosc2 before 2.9.3 was discovered to contain a NULL pointer dereference via the function zfp_rate_decompress at zfp/blosc2-zfp.c.
- risk 0.00cvss 7.5epss 0.01
C-blosc2 before 2.9.3 was discovered to contain a NULL pointer dereference via the zfp/blosc2-zfp.c zfp_acc_decompress. function.
- risk 0.00cvss 7.5epss 0.01
C-blosc2 before 2.9.3 was discovered to contain a NULL pointer dereference in ndlz/ndlz8x8.c via a NULL pointer to memset.
- risk 0.00cvss 7.5epss 0.01
C-blosc2 before 2.9.3 was discovered to contain a NULL pointer dereference via the function zfp_prec_decompress at zfp/blosc2-zfp.c.