Vulnerability Details CVE-2023-39743
lrzip-next LZMA v23.01 was discovered to contain an access violation via the component /bz3_decode_block src/libbz3.c.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 10.2%
CVSS Severity
CVSS v3 Score 5.3
References
- https://gist.github.com/huanglei3/ec9090096aa92445cf0a8baa8e929084
- https://github.com/huanglei3/lrzip-next-poc/tree/main
- https://github.com/pete4abw/lrzip-next/issues/132
- https://gist.github.com/huanglei3/ec9090096aa92445cf0a8baa8e929084
- https://github.com/huanglei3/lrzip-next-poc/tree/main
- https://github.com/pete4abw/lrzip-next/issues/132
Products affected by CVE-2023-39743
-
cpe:2.3:a:pete4abw:lzma_software_development_kit:23.01