CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-29420
https://notcve.org/view.php?id=CVE-2023-29420
An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is a crash caused by an invalid memmove in bz3_decode_block. • https://github.com/kspalaiologos/bzip3/commit/bb06deb85f1c249838eb938e0dab271d4194f8fa https://github.com/kspalaiologos/bzip3/compare/1.2.2...1.2.3 https://github.com/kspalaiologos/bzip3/issues/92 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4JLSE25SV7K2NB6FTFT4UHJOJUHBHYHY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NA7S7HDUAINOTCSWQZ5LIW756DYY22V2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-29421
https://notcve.org/view.php?id=CVE-2023-29421
An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is an out-of-bounds write in bz3_decode_block. • https://github.com/kspalaiologos/bzip3/compare/1.2.2...1.2.3 https://github.com/kspalaiologos/bzip3/issues/94 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4JLSE25SV7K2NB6FTFT4UHJOJUHBHYHY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NA7S7HDUAINOTCSWQZ5LIW756DYY22V2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NMLFV2FJK3CM7NJLVPZI5RUAFQZICPWW • CWE-787: Out-of-bounds Write •