PYSEC-2020-343

See a problem?

Import Source

https://github.com/pypa/advisory-database/blob/main/vulns/blosc2/PYSEC-2020-343.yaml

JSON Data

https://api.osv.dev/v1/vulns/PYSEC-2020-343

Aliases

Withdrawn

2024-11-22T04:37:03Z

Published

2020-11-27T20:15:00Z

Modified

2026-06-10T17:45:04.784452220Z

Severity

7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

blosc2.c in Blosc C-Blosc2 through 2.0.0.beta.5 has a heap-based buffer overflow when there is a lack of space to write compressed data.

References

Affected packages

PyPI / blosc2

Package

Name: blosc2; View open source insights on deps.dev
Purl: pkg:pypi/blosc2

Affected ranges

Type: GIT
Repo: https://github.com/Blosc/c-blosc2
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

c4c6470e88210afc95262c8b9fcc27e30ca043ee

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.1.1

0.1.2

0.1.3

0.1.4

0.1.5

0.1.6

0.1.7

0.1.8

0.1.9

0.1.10

0.2.0

0.3.0

0.3.1

0.3.2

0.4.0

0.4.1

0.5.1

0.5.2

0.6.1

0.6.2

0.6.3

0.6.4

0.6.5

0.6.6

v2.*

v2.0.0a2

v2.0.0a3

v2.0.0a4

v2.0.0a5

v2.0.0-beta.1

v2.0.0-beta.3

v2.0.0-beta.4

v2.0.0.beta.5

2.*

2.0.0

2.1.0

2.1.1

2.2.0

2.2.1

2.2.2

2.2.3

2.2.4

2.2.5

2.2.6

2.2.7

2.2.8

2.2.9

2.3.0

2.3.1

2.3.2

2.4.0

2.5.0

2.5.1

2.6.0

2.6.1

2.6.2

2.7.0

2.7.1

3.*

3.0.0b1

3.0.0b3

3.0.0b4

3.0.0rc1

3.0.0rc2

3.0.0rc3

3.0.0

3.1.0

3.1.1

3.2.0

3.2.1

3.3.0

3.3.1

3.3.2

3.3.3

3.3.4

3.4.0

3.5.0

3.5.1

3.6.0

3.6.1

3.7.0

3.7.1

3.7.2

3.8.0

3.9.0

3.9.1

3.10.0

3.10.1

3.10.2

3.11.0

3.11.1

3.12.0

3.12.1

3.12.2

4.*

4.0.0b1

4.0.0

4.1.0

4.1.1

4.1.2

4.2.0

4.3.0

4.3.1

4.3.3

4.4.1

4.4.2

4.4.3

Database specific

source

"https://github.com/pypa/advisory-database/blob/main/vulns/blosc2/PYSEC-2020-343.yaml"