CVE-2023-29421

HIGH

bzip3 < 1.2.3 - Out-of-bounds Write in bz3_decode_block

Title source: llm
STIX 2.1

Description

An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is an out-of-bounds write in bz3_decode_block.

Scores

CVSS v3 8.8
EPSS 0.0092
EPSS Percentile 55.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact partial

Details

CWE
CWE-787
Status published
Products (1)
bzip3_project/bzip3 < 1.2.3
Published Apr 06, 2023
Tracked Since Feb 18, 2026