70 matches found
UBUNTU-CVE-2023-29419
An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is a bz3decodeblock out-of-bounds read...
CVE-2023-29420
An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is a crash caused by an invalid memmove in bz3decodeblock...
CVE-2023-29418
An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is an xwrite out-of-bounds read...
PT-2023-22243 · Bzip3 · Bzip3
Name of the Vulnerable Software and Affected Versions: bzip3 versions prior to 1.3.0 Description: An issue was discovered in libbzip3.a in bzip3. A denial of service process hang can occur with a crafted archive because bzip3 does not follow the required procedure for interacting with libsais...
CVE-2023-29416
An issue was discovered in libbzip3.a in bzip3 before 1.3.0. A bz3decodeblock out-of-bounds write can occur with a crafted archive because bzip3 does not follow the required procedure for interacting with libsais...
Out-of-bounds Read
An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is an xwrite out-of-bounds read...
Out-of-bounds Read
An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is a bz3decodeblock out-of-bounds read...
Improper Restriction of Operations within the Bounds of a Memory Buffer
An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is a crash caused by an invalid memmove in bz3decodeblock...
Out-of-bounds Write
An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is an out-of-bounds write in bz3decodeblock...
CVE-2023-29416
The CVE-2023-29416 issue affects libbzip3.a in bzip3 up to version 1.3.0, where a bz3_decode_block out-of-bounds write can occur with crafted archives due to non-adherence to the libsais interaction procedure. Reported impact includes HIGH availability risk with otherwise limited confidentiality/...
CVE-2023-29421
An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is an out-of-bounds write in bz3decodeblock...
CVE-2023-29415
CVE-2023-29415 affects libbzip3.a in bzip3 prior to version 1.3.0. The issue can cause a denial of service (process hang) when handling a crafted archive, due to improper interaction with libsais. Affects bzip3 users compiling or distributing the library prior to 1.3.0. The vulnerability increase...
CVE-2023-29421
Technical details of CVE-2023-29421 are only in the initial description; no connected documents with concrete technical details are provided. Monitor for updates.
PT-2023-22245 · Bzip3 +1 · Bzip3 +1
Name of the Vulnerable Software and Affected Versions: bzip3 version 1.2.2 Description: An issue was discovered in libbzip3.a where there is a bz3 decompress out-of-bounds read in certain situations. This occurs when buffers passed to bzip3 do not contain enough space to be filled with decompress...
CVE-2023-29419
CVE-2023-29419 affects the library in the bzip3 project: specifically, the component libbzip3.a in bzip3 prior to 1.2.3, where the function bz3_decode_block can read out of bounds. The vulnerability is documented with a CVSS v3.1 base score of 6.5 (Medium), with network access, no privileges requ...
CVE-2023-29418
CVE-2023-29418 concerns libbzip3.a in bzip3 up to version 1.2.2 (fixed in 1.2.3). The issue is an xwrite out-of-bounds read in the library, yielding a high impact on availability per the CVSS vector. Documents from OSV and Nessus corroborate the vulnerability description. Affected component/file:...
CVE-2023-29419
An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is a bz3decodeblock out-of-bounds read...
CVE-2023-29417
CVE-2023-29417 affects the libbzip3.a component in bzip3 1.2.2, where bz3_decompress can perform an out-of-bounds read if buffers passed to bzip3 do not have enough space for decompressed data. The vendor characterizes this as a contract-violation report and notes it as invalid from their perspec...
PT-2023-22246 · Bzip3 · Bzip3
Name of the Vulnerable Software and Affected Versions: bzip3 versions prior to 1.2.3 Description: An issue was discovered in libbzip3.a. There is an xwrite out-of-bounds read. Recommendations: For versions prior to 1.2.3, update to version 1.2.3 or later to resolve the issue...
CVE-2023-29420
CVE-2023-29420 affects libbzip3.a in bzip3, with a crash caused by an invalid memmove in bz3_decode_block present in versions before 1.2.3. The issue enables a NETWORK attack with LOW complexity and requires user interaction, yielding HIGH impact to availability and MEDIUM overall severity (CVSS ...