Lucene search
MitreCVELIST:CVE-2023-22895HistoryJan 10, 2023 - 12:00 a.m.
CVE-2023-22895
2023-01-1000:00:00
mitre
www.cve.org
bzip2 crate
denial of service
integer overflow
mem.rs
0.001 Low
EPSS
Percentile
50.6%
The bzip2 crate before 0.4.4 for Rust allow attackers to cause a denial of service via a large file that triggers an integer overflow in mem.rs. NOTE: this is unrelated to the https://crates.io/crates/bzip2-rs product.
References
crates.io/crates/bzip2/versions
github.com/alexcrichton/bzip2-rs/pull/86
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MI5SVRSGKBWB2JGDLDVIFY5ZQVDZP6I7/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SQK57GGXJX3AH7KF6S7S3N7JC5QOYUQ7/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UUK2JO25PPA6XBREKJRBLRCD22LKIOLO/
Related
osv
osv
bzip2 Denial of Service (DoS)
2023-01-09 12:00:00
bzip2 allows attackers to cause a denial of service via a large file that triggers an integer overflow
2023-01-10 03:30:29
CVE-2023-22895
2023-01-10 01:15:10
rustsec
rustsec
bzip2 Denial of Service (DoS)
2023-01-09 12:00:00
fedora
fedora
[SECURITY] Fedora 37 Update: rust-sequoia-sop-0.26.1-5.fc37
2023-03-07 01:34:34
[SECURITY] Fedora 36 Update: rust-sequoia-sq-0.26.0-5.fc36
2023-03-07 01:40:34
[SECURITY] Fedora 38 Update: rust-sequoia-sop-0.26.1-5.fc38
2023-03-11 03:47:00
nvd
nvd
CVE-2023-22895
2023-01-10 01:15:10
ubuntucve
ubuntucve
CVE-2023-22895
2023-01-10 00:00:00
nessus
nessus
cbl_mariner
cbl_mariner
CVE-2023-22895 affecting package mozjs60 60.9.0-10
2023-02-14 02:36:17
openvas
openvas
Fedora: Security Advisory for rust-sequoia-sq (FEDORA-2023-c08ee112f6)
2023-03-12 00:00:00
Fedora: Security Advisory for rust-sequoia-sq (FEDORA-2023-7bd6fbb5fa)
2023-03-07 00:00:00
Fedora: Security Advisory for rust-sequoia-sop (FEDORA-2023-c17427d18a)
2023-03-07 00:00:00
github
github
cve
cve
CVE-2023-22895
2023-01-10 01:15:10
prion
prion
Integer overflow
2023-01-10 01:15:00
debiancve
debiancve
CVE-2023-22895
2023-01-10 01:15:10