Bzip2 Vulnerabilità

Sequenza temporale

Versione

1.0.1	9
1.0	7
1.0.2	6
1.0.3	5
0.9.5a	5

Contromisure

Official Fix	8
Temporary Fix	0
Workaround	0
Unavailable	0
Not Defined	5

Sfruttabilità

High	0
Functional	0
Proof-of-Concept	5
Unproven	0
Not Defined	8

Accesso al vettore

Not Defined	0
Physical	0
Local	4
Adjacent	1
Network	8

Autenticazione

Not Defined	0
High	0
Low	1
None	12

Interazione dell'utente

Not Defined	0
Required	2
None	11

CVSSv3 Base

≤1	0
≤2	0
≤3	1
≤4	2
≤5	1
≤6	5
≤7	1
≤8	2
≤9	1
≤10	0

CVSSv3 Temp

≤1	0
≤2	0
≤3	1
≤4	2
≤5	2
≤6	4
≤7	3
≤8	0
≤9	1
≤10	0

VulDB

≤1	0
≤2	0
≤3	1
≤4	2
≤5	2
≤6	4
≤7	1
≤8	3
≤9	0
≤10	0

NVD

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	1
≤8	1
≤9	0
≤10	1

CNA

≤1	0
≤2	0
≤3	0
≤4	0
≤5	1
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Fornitore

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Exploiter 0 giorni

<1k	3
<2k	3
<5k	6
<10k	1
<25k	0
<50k	0
<100k	0
≥100k	0

Exploiter aujourd'hui

<1k	13
<2k	0
<5k	0
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Affected Versions (43): 0.4, 0.4.1, 0.4.2, 0.4.3, 0.9, 0.9 A, 0.9 B, 0.9 C, 0.9.0a, 0.9.0b, 0.9.0c, 0.9.5 A, 0.9.5 B, 0.9.5 C, 0.9.5 D, 0.9.5a, 0.9.5b, 0.9.5c, 0.9.5d, 1, 1.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, 1.0.5, 1.0.6, 2.0.00 1, 2.0.00 12, 2.0.00 14, 2.0.01, 2.0.02, 2.0.03, 2.0.05, 2.0.06, 2.0.08, 2.0.09, 2.010, 2.011, 2.012, 2.014, 2.015, 2.017

Data di pubblicazione	Base	Temp	Vulnerabilità	0day	Oggi	Sfr	Con	CTI	CVE
09/04/2024	3.9	3.9	bzip2 API Endpoint denial of service	$0-$5k	$0-$5k	Not Defined	Not Defined	0.05	CVE-2024-3508
10/01/2023	5.9	5.8	bzip2 Large File mem.rs buffer overflow	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2023-22895
19/06/2019	8.5	8.5	bzip2 decompress.c BZ2_decompress buffer overflow	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2019-12900
20/06/2016	6.5	6.2	bzip2 bzip2recover buffer overflow	$0-$5k	$0-$5k	Not Defined	Official Fix	0.02	CVE-2016-3189
16/04/2014	5.9	5.6	bzip bzip2 escalazione di privilegi	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00	CVE-2011-4089
28/09/2010	7.3	6.6	bzip bzip2 decompress.c BZ2_decompress Remote Code Execution	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.04	CVE-2010-0405
19/08/2009	5.3	5.1	Bzip Compress-Raw-Bzip2 bzinflate denial of service	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2009-1884
18/03/2008	5.3	4.8	bzip bzip2 bzlib.c buffer overflow	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.00	CVE-2008-1372
23/05/2005	7.5	6.7	bzip2 bzip2 Archive Decompressor denial of service	$5k-$25k	$0-$5k	Proof-of-Concept	Official Fix	0.00	CVE-2005-1260
02/05/2005	4.9	4.4	bzip2 escalazione di privilegi	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.04	CVE-2005-0953