CVE-2026-34743 in xzinformation

Résumé (Anglaise)

XZ Utils provide a general-purpose data-compression library plus command-line tools. Prior to version 5.8.3, if lzma_index_decoder() was used to decode an Index that contained no Records, the resulting lzma_index was left in a state where where a subsequent lzma_index_append() would allocate too little memory, and a buffer overflow would occur. This issue has been patched in version 5.8.3.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Responsable

GitHub_M

Réserver

30/03/2026

Divulgation

02/04/2026

Statut

Confirmé

Entrées

VulDB provides additional information and datapoints for this CVE:

IDVulnérabilitéCWEExpConCVE
355024tukaani-project xz Compression lzma_index_decoder buffer overflow122Non définiCorrectif officielCVE-2026-34743

Description

CPE

CWE

CVSS

Exploits

Histoire

Diff

Relier

Renseignements sur les menaces

API JSON

API XML

API CSV

Sources

PrécédentAperçuSuivant

Do you need the next level of professionalism?

Upgrade your account now!