Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Bzip2
(Bzip)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 10 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2010-09-28 | CVE-2010-0405 | Integer overflow in the BZ2_decompress function in decompress.c in bzip2 and libbzip2 before 1.0.6 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted compressed file. | Bzip2, Libzip2 | N/A | ||
| 2016-06-30 | CVE-2016-3189 | Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted bzip2 file, related to block ends set to before the start of the block. | Bzip2, Python | 6.5 | ||
| 2019-06-19 | CVE-2019-12900 | BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors. | Bzip2, Ubuntu_linux, Debian_linux, Freebsd, Leap, Python | 9.8 |