CVE-2023-29419: Out-of-bounds Read

April 6, 2023 (updated November 7, 2023)

An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is a bz3_decode_block out-of-bounds read.

References

github.com/kspalaiologos/bzip3/commit/8ec8ce7d3d58bf42dabc47e4cc53aa27051bd602
github.com/kspalaiologos/bzip3/compare/1.2.2...1.2.3
github.com/kspalaiologos/bzip3/issues/92
nvd.nist.gov/vuln/detail/CVE-2023-29419

Detect and mitigate CVE-2023-29419 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →