Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-daqf-e6g1-w7hu

Summary

Out-of-bounds Read
An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is an xwrite out-of-bounds read.

Aliases

alias	CVE-2023-29418

Fixed_packages

url	pkg:conan/bzip3@1.2.3
purl	pkg:conan/bzip3@1.2.3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:conan/bzip3@1.2.3

Affected_packages

References

reference_url

reference_id

reference_type

scores

url

reference_url	https://github.com/kspalaiologos/bzip3/commit/aae16d107f804f69000c09cd92027a140968cc9d
reference_id
reference_type
scores
url	https://github.com/kspalaiologos/bzip3/commit/aae16d107f804f69000c09cd92027a140968cc9d

reference_url	https://github.com/kspalaiologos/bzip3/compare/1.2.2...1.2.3
reference_id
reference_type
scores
url	https://github.com/kspalaiologos/bzip3/compare/1.2.2...1.2.3

reference_url	https://github.com/kspalaiologos/bzip3/issues/92
reference_id
reference_type
scores
url	https://github.com/kspalaiologos/bzip3/issues/92

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2023-29418
reference_id	CVE-2023-29418
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2023-29418

Weaknesses

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

cwe_id	125
name	Out-of-bounds Read
description	The product reads data past the end, or before the beginning, of the intended buffer.

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

Exploits

Severity_range_score null

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-daqf-e6g1-w7hu

Vulnerability Instance