Lucene search
K

786 matches found

RedHat Linux
RedHat Linux
added 2026/06/26 11:42 a.m.6 views

Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs Security Update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: bzip2: bzip2-1.0.8-23.2.hum1 aarch64, x8664 bzip2-devel-1.0.8-23.2.hum1 aarch64, x8664 bzip2-libs-1.0.8-23.2.hum1 aarch64, x8664 bzip2-static-1.0.8-23.2.hum1 aarch64, x8664...

4.8CVSS5.8AI score0.00126EPSS
Exploits0References3
OSV
OSV
added 2026/06/25 7:40 a.m.12 views

BIT-PYTHON-MIN-2026-9669 bz2.BZ2Decompressor reuse after error can cause a stack buffer overflow

bz2.BZ2Decompressor objects could be reused after a decompression error. If an application caught the resulting OSError and retried with the same decompressor, crafted input could cause the decompressor to resume from an invalid internal state and perform out-of-bounds writes to a stack buffer...

8.2CVSS5.4AI score0.00433EPSS
Exploits0References10
OSV
OSV
added 2026/06/25 7:40 a.m.9 views

BIT-PYTHON-2026-9669 bz2.BZ2Decompressor reuse after error can cause a stack buffer overflow

bz2.BZ2Decompressor objects could be reused after a decompression error. If an application caught the resulting OSError and retried with the same decompressor, crafted input could cause the decompressor to resume from an invalid internal state and perform out-of-bounds writes to a stack buffer...

8.2CVSS5.4AI score0.00433EPSS
Exploits0References10
OSV
OSV
added 2026/06/25 7:36 a.m.10 views

BIT-LIBPYTHON-2026-9669 bz2.BZ2Decompressor reuse after error can cause a stack buffer overflow

bz2.BZ2Decompressor objects could be reused after a decompression error. If an application caught the resulting OSError and retried with the same decompressor, crafted input could cause the decompressor to resume from an invalid internal state and perform out-of-bounds writes to a stack buffer...

8.2CVSS5.4AI score0.00433EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2026/06/10 2:33 a.m.15 views

SUSE CVE-2026-9669

bz2.BZ2Decompressor objects could be reused after a decompression error. If an application caught the resulting OSError and retried with the same decompressor, crafted input could cause the decompressor to resume from an invalid internal state and perform out-of-bounds writes to a stack buffer...

4.7CVSS5.4AI score0.00433EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/09 12:33 a.m.13 views

EUVD-2026-35202

bz2.BZ2Decompressor objects could be reused after a decompression error. If an application caught the resulting OSError and retried with the same decompressor, crafted input could cause the decompressor to resume from an invalid internal state and perform out-of-bounds writes to a stack buffer...

8.2CVSS5.4AI score0.00433EPSS
Exploits0References5
OSV
OSV
added 2026/06/08 11:17 p.m.8 views

DEBIAN-CVE-2026-9669

bz2.BZ2Decompressor objects could be reused after a decompression error. If an application caught the resulting OSError and retried with the same decompressor, crafted input could cause the decompressor to resume from an invalid internal state and perform out-of-bounds writes to a stack buffer...

8.2CVSS5.4AI score0.00433EPSS
Exploits0References1
OSV
OSV
added 2026/06/08 11:17 p.m.9 views

UBUNTU-CVE-2026-9669

bz2.BZ2Decompressor objects could be reused after a decompression error. If an application caught the resulting OSError and retried with the same decompressor, crafted input could cause the decompressor to resume from an invalid internal state and perform out-of-bounds writes to a stack buffer...

8.2CVSS5.4AI score0.00433EPSS
Exploits0References5
Snyk
Snyk
added 2026/06/08 11:16 p.m.7 views

Stack-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Stack-based Buffer Overflow via the bz2.BZ2Decompressor objects. An attacker can cause out-of-bounds writes to a stack buffer by reusing a decompressor object after a decompression error and providing crafted input. This can result in...

8.2CVSS5.5AI score0.00433EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/08 10:1 p.m.7 views

CVE-2026-9669 bz2.BZ2Decompressor reuse after error can cause a stack buffer overflow

bz2.BZ2Decompressor objects could be reused after a decompression error. If an application caught the resulting OSError and retried with the same decompressor, crafted input could cause the decompressor to resume from an invalid internal state and perform out-of-bounds writes to a stack buffer...

8.2CVSS5.2AI score0.00433EPSS
Exploits0References8
CVE
CVE
added 2026/06/08 10:1 p.m.170 views

CVE-2026-9669

The CVE affects Python’s bz2.BZ2Decompressor: objects could be reused after a decompression error, allowing an application that catches OSError and retries with the same decompressor to resume in an invalid internal state and perform out-of-bounds writes to a stack buffer, possibly crashing the p...

8.2CVSS5.4AI score0.00433EPSS
Exploits0References9
OSV
OSV
added 2026/06/08 10:1 p.m.16 views

PSF-2026-27

bz2.BZ2Decompressor objects could be reused after a decompression error. If an application caught the resulting OSError and retried with the same decompressor, crafted input could cause the decompressor to resume from an invalid internal state and perform out-of-bounds writes to a stack buffer...

8.2CVSS5.4AI score0.00433EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.18 views

PT-2026-47453

Name of the Vulnerable Software and Affected Versions Python affected versions not specified Description bz2.BZ2Decompressor objects can be reused following a decompression error. If an application catches the resulting OSError and attempts to retry using the same decompressor, specially crafted...

8.2CVSS5.4AI score0.00622EPSS
Exploits0References67
Tenable Nessus
Tenable Nessus
added 2026/06/01 12:0 a.m.17 views

Linux Distros Unpatched Vulnerability : CVE-2026-42250

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bzip2 contains an offbyone error in the bzip2recover utility. When processing a specially crafted file, the application performs an outofbounds write to a globa...

4.8CVSS5.6AI score0.00126EPSS
Exploits0References4
Microsoft CVE
Microsoft CVE
added 2026/05/29 8:4 a.m.11 views

Off-by-One Leading to Out-of-Bounds Write in bzip2

...

4.8CVSS5.8AI score0.00126EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/05/28 1:15 p.m.8 views

CVE-2026-42250 Off-by-One Leading to Out-of-Bounds Write in bzip2

bzip2 contains an off‑by‑one error in the bzip2recover utility. When processing a specially crafted file, the application performs an out‑of‑bounds write to a global buffer, resulting in memory corruption and a crash denial of service. This issue was fixed in bzip2...

4.8CVSS5.8AI score0.00126EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.12 views

bzip2 安全漏洞

Bzip2 is an open-source compression/ decompression application developed by the Bzip2 organization. Bzip2 has a security vulnerability, which stems from a minor error in the bzip2recover tool. This error may lead to out-of-bound writing when processing specially crafted files, resulting in memory...

5.1CVSS5.8AI score0.00126EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Netty

The Bzip2 decompression decoder function does not allow setting size restrictions on the decompressed output data which affects the allocation size used during decompression. This affects all users of Bzip2Decoder. Malicious inputs can trigger an OOME, thereby causing a DoS attack...

7.5CVSS6.8AI score0.05651EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in bzip2

The vulnerability of the Bzip2 data compression utility is related to pointer arithmetic errors. Exploiting this vulnerability allows an attacker to cause a service failure...

5.5CVSS5.5AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.8 views

Unity Linux 20.1070e Security Update: netty (UTSA-2026-017448)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017448 advisory. The Bzip2 decompression decoder function doesn't allow setting size restrictions on the decompressed output data which affects the allocation size used during...

7.5CVSS6.8AI score0.05651EPSS
Exploits0References4
Rows per page
Query Builder