彙總 bzip3_project 相關全部產品的 CVE 與安全漏洞情報,包括 CVSS、EPSS、公開時間與漏洞情報資料。
常見弱點模式包括 緩衝區溢位與記憶體損壞,在 歸檔處理、檔案處理與自動化解壓 使用場景中可能帶來 應用程式崩潰與記憶體損壞 等風險。
相關漏洞資料主要來源於公開漏洞披露與安全公告,可用於評估歷史漏洞暴露面與修補優先順序。
| CVE | 摘要 | 來源 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|---|
| CVE-2023-29421 | An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is an out-of-bounds write in bz3_decode_block. | [email protected] | 8.8 | 0.92% | 2023-04-06 | 2026-06-17 |
| CVE-2023-29420 | An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is a crash caused by an invalid memmove in bz3_decode_block. | [email protected] | 6.5 | 0.89% | 2023-04-06 | 2026-06-17 |
| CVE-2023-29419 | An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is a bz3_decode_block out-of-bounds read. | [email protected] | 6.5 | 0.89% | 2023-04-06 | 2026-06-17 |
| CVE-2023-29418 | An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is an xwrite out-of-bounds read. | [email protected] | 6.5 | 0.89% | 2023-04-06 | 2026-06-17 |
| CVE-2023-29417 | An issue was discovered in libbzip3.a in bzip3 1.2.2. There is a bz3_decompress out-of-bounds read in certain situations where buffers passed to bzip3 do not contain enough space to be filled with decompressed data. NOTE: the vendor's perspective is that the observed behavior can only occur for a contract violation, and thus the report is invalid. | [email protected] | 6.5 | 0.80% | 2023-04-06 | 2026-06-17 |
| CVE-2023-29416 | An issue was discovered in libbzip3.a in bzip3 before 1.3.0. A bz3_decode_block out-of-bounds write can occur with a crafted archive because bzip3 does not follow the required procedure for interacting with libsais. | [email protected] | 6.5 | 0.90% | 2023-04-06 | 2026-06-17 |
| CVE-2023-29415 | An issue was discovered in libbzip3.a in bzip3 before 1.3.0. A denial of service (process hang) can occur with a crafted archive because bzip3 does not follow the required procedure for interacting with libsais. | [email protected] | 6.5 | 0.85% | 2023-04-06 | 2026-06-17 |