VulnerableCode Package Details - pkg:deb/ubuntu/bzip2@1.0.5-7

Search for packages

Package details: pkg:deb/ubuntu/bzip2@1.0.5-7

Essentials
History (0)

purl	pkg:deb/ubuntu/bzip2@1.0.5-7

Next non-vulnerable version	1.0.6-8.1ubuntu0.2
Latest non-vulnerable version	1.0.6-8.1ubuntu0.2
Risk	4.4

Vulnerabilities affecting this package (2)

Vulnerability	Summary	Fixed by
VCID-8urm-9ubj-aaac Aliases: CVE-2019-12900	BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.	1.0.6-8.1ubuntu0.2 Affected by 0 other vulnerabilities.
VCID-ftyp-se1c-aaab Aliases: CVE-2016-3189	Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted bzip2 file, related to block ends set to before the start of the block.	1.0.6-8.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version