VulnerableCode Package Details - pkg:pypi/bsdiff4@1.1.7

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:pypi/bsdiff4@1.1.7

Essentials
History (4)

purl	pkg:pypi/bsdiff4@1.1.7

Next non-vulnerable version	1.2.0
Latest non-vulnerable version	1.2.0
Risk	4.0

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-u5vq-9j18-zfdu Aliases: CVE-2020-15904 GHSA-f8m3-jpxr-hm5x PYSEC-2020-30	A buffer overflow in the patching routine of bsdiff4 before 1.2.0 allows an attacker to write to heap memory (beyond allocated bounds) via a crafted patch file.	1.2.0 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-13T09:02:01.315807+00:00	GHSA Importer	Affected by	VCID-u5vq-9j18-zfdu	https://github.com/advisories/GHSA-f8m3-jpxr-hm5x	38.6.0
2026-06-12T17:23:09.664131+00:00	GitLab Importer	Affected by	VCID-u5vq-9j18-zfdu	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/bsdiff4/CVE-2020-15904.yml	38.6.0
2026-06-12T04:03:48.407886+00:00	Pypa Importer	Affected by	VCID-u5vq-9j18-zfdu	https://github.com/pypa/advisory-database/blob/main/vulns/bsdiff4/PYSEC-2020-30.yaml	38.6.0
2026-06-11T20:45:46.392736+00:00	PyPI Importer	Affected by	VCID-u5vq-9j18-zfdu	https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip	38.6.0