Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:conan/bzip3@1.2.3
purl pkg:conan/bzip3@1.2.3
Next non-vulnerable version 1.3.0
Latest non-vulnerable version 1.3.0
Risk
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-pukg-3va1-tfbp
Aliases:
CVE-2023-29416
Out-of-bounds Write An issue was discovered in libbzip3.a in bzip3 before 1.3.0. A bz3_decode_block out-of-bounds write can occur with a crafted archive because bzip3 does not follow the required procedure for interacting with libsais.
1.3.0
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (5)
Vulnerability Summary Aliases
VCID-29sb-pjyc-5fbc Out-of-bounds Read An issue was discovered in libbzip3.a in bzip3 1.2.2. There is a bz3_decompress out-of-bounds read in certain situations where buffers passed to bzip3 do not contain enough space to be filled with decompressed data. NOTE: the vendor's perspective is that the observed behavior can only occur for a contract violation, and thus the report is invalid. CVE-2023-29417
VCID-3ftb-aqmf-7qbs Out-of-bounds Read An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is a bz3_decode_block out-of-bounds read. CVE-2023-29419
VCID-9dqc-451s-r3e9 Improper Restriction of Operations within the Bounds of a Memory Buffer An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is a crash caused by an invalid memmove in bz3_decode_block. CVE-2023-29420
VCID-daqf-e6g1-w7hu Out-of-bounds Read An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is an xwrite out-of-bounds read. CVE-2023-29418
VCID-z8s5-gqns-ybdn Out-of-bounds Write An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is an out-of-bounds write in bz3_decode_block. CVE-2023-29421

Date Actor Action Vulnerability Source VulnerableCode Version
2026-06-01T07:23:25.700348+00:00 GitLab Importer Affected by VCID-pukg-3va1-tfbp https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/bzip3/CVE-2023-29416.yml 38.6.0
2026-05-30T21:00:15.858602+00:00 GitLab Importer Fixing VCID-9dqc-451s-r3e9 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/bzip3/CVE-2023-29420.yml 38.6.0
2026-05-30T21:00:15.814932+00:00 GitLab Importer Fixing VCID-3ftb-aqmf-7qbs https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/bzip3/CVE-2023-29419.yml 38.6.0
2026-05-30T21:00:15.726554+00:00 GitLab Importer Fixing VCID-29sb-pjyc-5fbc https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/bzip3/CVE-2023-29417.yml 38.6.0
2026-05-30T21:00:15.621445+00:00 GitLab Importer Fixing VCID-z8s5-gqns-ybdn https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/bzip3/CVE-2023-29421.yml 38.6.0
2026-05-30T21:00:15.530138+00:00 GitLab Importer Fixing VCID-daqf-e6g1-w7hu https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/bzip3/CVE-2023-29418.yml 38.6.0