Blosc/c-blosc2

Blosc/c-blosc2

Releases81

Frequency1 month 2 weeks

Last Release 4 days ago

Stars569

A fast, compressed, persistent binary data store library for C.

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2025-29476 ↗	Apr 4, 2025Friday, 4 April 2025, 18:15	5.5 MEDIUM	—
Buffer Overflow vulnerability in compress_chunk_fuzzer with oss-fuzz on commit 16450518afddcb3139de627157208e49bfef6987 in c-blosc2 v.2.17.0 and before.
CVE-2023-37187 ↗	Dec 25, 2023Monday, 25 December 2023, 07:15	7.5 HIGH	—
C-blosc2 before 2.9.3 was discovered to contain a NULL pointer dereference via the zfp/blosc2-zfp.c zfp_acc_decompress. function.
CVE-2023-37188 ↗	Dec 25, 2023Monday, 25 December 2023, 07:15	7.5 HIGH	—
C-blosc2 before 2.9.3 was discovered to contain a NULL pointer dereference via the function zfp_rate_decompress at zfp/blosc2-zfp.c.
CVE-2023-37185 ↗	Dec 25, 2023Monday, 25 December 2023, 07:15	7.5 HIGH	—
C-blosc2 before 2.9.3 was discovered to contain a NULL pointer dereference via the function zfp_prec_decompress at zfp/blosc2-zfp.c.
CVE-2023-37186 ↗	Dec 25, 2023Monday, 25 December 2023, 07:15	7.5 HIGH	—
C-blosc2 before 2.9.3 was discovered to contain a NULL pointer dereference in ndlz/ndlz8x8.c via a NULL pointer to memset.
CVE-2020-29367 ↗	Nov 27, 2020Friday, 27 November 2020, 20:15	7.8 HIGH	9.3 HIGH
blosc2.c in Blosc C-Blosc2 through 2.0.0.beta.5 has a heap-based buffer overflow when there is a lack of space to write compressed data.