VulnerableCode Package Details - pkg:pypi/bsdiff4@1.2.0

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:pypi/bsdiff4@1.2.0

Essentials
History (5)

purl	pkg:pypi/bsdiff4@1.2.0

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-u5vq-9j18-zfdu	A buffer overflow in the patching routine of bsdiff4 before 1.2.0 allows an attacker to write to heap memory (beyond allocated bounds) via a crafted patch file.	CVE-2020-15904 GHSA-f8m3-jpxr-hm5x PYSEC-2020-30

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-13T09:02:01.326295+00:00	GHSA Importer	Fixing	VCID-u5vq-9j18-zfdu	https://github.com/advisories/GHSA-f8m3-jpxr-hm5x	38.6.0
2026-06-12T17:23:09.676791+00:00	GitLab Importer	Fixing	VCID-u5vq-9j18-zfdu	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/bsdiff4/CVE-2020-15904.yml	38.6.0
2026-06-12T08:21:07.377927+00:00	GithubOSV Importer	Fixing	VCID-u5vq-9j18-zfdu	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-f8m3-jpxr-hm5x/GHSA-f8m3-jpxr-hm5x.json	38.6.0
2026-06-12T04:03:48.418586+00:00	Pypa Importer	Fixing	VCID-u5vq-9j18-zfdu	https://github.com/pypa/advisory-database/blob/main/vulns/bsdiff4/PYSEC-2020-30.yaml	38.6.0
2026-06-11T20:45:46.407251+00:00	PyPI Importer	Fixing	VCID-u5vq-9j18-zfdu	https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip	38.6.0