CVE-2023-37185 | C-Blosc2 up to 2.9.2 zfp/blosc2-zfp.c zfp_prec_decompress null pointer dereference (Issue 519)

Inserito da Angelo Barbosa | Dic 25, 2023 | CVE

A vulnerability was found in C-Blosc2 up to 2.9.2. It has been declared as problematic. Affected by this vulnerability is the function zfp_prec_decompress of the file zfp/blosc2-zfp.c. The manipulation leads to null pointer dereference.

This vulnerability is known as CVE-2023-37185. The attack needs to be approached within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2023-37185 | C-Blosc2 up to 2.9.2 zfp/blosc2-zfp.c zfp_prec_decompress null pointer dereference (Issue 519)

Post correlati

CVE-2024-24510 | Alinto SOGo up to 5.9.x Mail import cross site scripting

CVE-2023-28949 | IBM Engineering Requirements Management 9.7.2.7 cross-site request forgery (XFDB-251216)

CVE-2024-9284 | TP-LINK TL-WR841ND up to 20240920 popupSiteSurveyRpm.htm ssid stack-based overflow

CVE-2024-2920 | WP-Members Membership Plugin up to 3.4.9.3 on WordPress information disclosure