Bzip2@* Security Vulnerabilities and Issues — Bzip2@* CVE List

Lucene search

BzipBzip2*

4 matches found

CVE•added 2019/06/19 11:15 p.m.•1049 views

CVE-2019-12900

BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.

9.8CVSS9.6AI score0.0114EPSS

CVE•added 2010/09/28 6:0 p.m.•96 views

CVE-2010-0405

Integer overflow in the BZ2_decompress function in decompress.c in bzip2 and libbzip2 before 1.0.6 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted compressed file.

5.1CVSS6.6AI score0.0921EPSS

CVE•added 2005/05/19 4:0 a.m.•68 views

CVE-2005-1260

bzip2 allows remote attackers to cause a denial of service (hard drive consumption) via a crafted bzip2 file that causes an infinite loop (a.k.a "decompression bomb").

5CVSS7.1AI score0.09796EPSS

CVE•added 2014/04/16 6:37 p.m.•52 views

CVE-2011-4089

The bzexe command in bzip2 1.0.5 and earlier generates compressed executables that do not properly handle temporary files during extraction, which allows local users to execute arbitrary code by precreating a temporary directory.

4.6CVSS7.2AI score0.00222EPSS