VulnerableCode Package Details - pkg:conan/bzip3@1.2.2

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:conan/bzip3@1.2.2

Essentials
History (6)

purl	pkg:conan/bzip3@1.2.2

Next non-vulnerable version	1.3.0
Latest non-vulnerable version	1.3.0
Risk	4.0

Vulnerabilities affecting this package (6)

Vulnerability	Summary	Fixed by
VCID-29sb-pjyc-5fbc Aliases: CVE-2023-29417	Out-of-bounds Read An issue was discovered in libbzip3.a in bzip3 1.2.2. There is a bz3_decompress out-of-bounds read in certain situations where buffers passed to bzip3 do not contain enough space to be filled with decompressed data. NOTE: the vendor's perspective is that the observed behavior can only occur for a contract violation, and thus the report is invalid.	1.2.3 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-3ftb-aqmf-7qbs Aliases: CVE-2023-29419	Out-of-bounds Read An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is a bz3_decode_block out-of-bounds read.	1.2.3 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-9dqc-451s-r3e9 Aliases: CVE-2023-29420	Improper Restriction of Operations within the Bounds of a Memory Buffer An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is a crash caused by an invalid memmove in bz3_decode_block.	1.2.3 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-daqf-e6g1-w7hu Aliases: CVE-2023-29418	Out-of-bounds Read An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is an xwrite out-of-bounds read.	1.2.3 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-pukg-3va1-tfbp Aliases: CVE-2023-29416	Out-of-bounds Write An issue was discovered in libbzip3.a in bzip3 before 1.3.0. A bz3_decode_block out-of-bounds write can occur with a crafted archive because bzip3 does not follow the required procedure for interacting with libsais.	1.3.0 Affected by 0 other vulnerabilities.
VCID-z8s5-gqns-ybdn Aliases: CVE-2023-29421	Out-of-bounds Write An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is an out-of-bounds write in bz3_decode_block.	1.2.3 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-01T07:23:25.872095+00:00	GitLab Importer	Affected by	VCID-9dqc-451s-r3e9	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/bzip3/CVE-2023-29420.yml	38.6.0
2026-06-01T07:23:25.784707+00:00	GitLab Importer	Affected by	VCID-3ftb-aqmf-7qbs	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/bzip3/CVE-2023-29419.yml	38.6.0
2026-06-01T07:23:25.695900+00:00	GitLab Importer	Affected by	VCID-pukg-3va1-tfbp	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/bzip3/CVE-2023-29416.yml	38.6.0
2026-06-01T07:23:22.181068+00:00	GitLab Importer	Affected by	VCID-z8s5-gqns-ybdn	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/bzip3/CVE-2023-29421.yml	38.6.0
2026-06-01T07:23:21.719971+00:00	GitLab Importer	Affected by	VCID-daqf-e6g1-w7hu	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/bzip3/CVE-2023-29418.yml	38.6.0
2026-05-30T21:00:15.722408+00:00	GitLab Importer	Affected by	VCID-29sb-pjyc-5fbc	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/bzip3/CVE-2023-29417.yml	38.6.0