{"id":"PYSEC-2020-343","details":"blosc2.c in Blosc C-Blosc2 through 2.0.0.beta.5 has a heap-based buffer overflow when there is a lack of space to write compressed data.","aliases":["CVE-2020-29367","GHSA-8c7c-2c8j-3xfp"],"modified":"2026-06-12T14:00:13.575946492Z","published":"2020-11-27T20:15:00Z","withdrawn":"2024-11-22T04:37:03Z","references":[{"type":"FIX","url":"https://github.com/Blosc/c-blosc2/commit/c4c6470e88210afc95262c8b9fcc27e30ca043ee"},{"type":"ARTICLE","url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26442"},{"type":"WEB","url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26442"},{"type":"ADVISORY","url":"https://github.com/advisories/GHSA-8c7c-2c8j-3xfp"}],"affected":[{"package":{"name":"blosc2","ecosystem":"PyPI","purl":"pkg:pypi/blosc2"},"ranges":[{"type":"GIT","repo":"https://github.com/Blosc/c-blosc2","events":[{"introduced":"0"},{"fixed":"c4c6470e88210afc95262c8b9fcc27e30ca043ee"}]},{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["0.1.1","0.1.10","0.1.2","0.1.3","0.1.4","0.1.5","0.1.6","0.1.7","0.1.8","0.1.9","0.2.0","0.3.0","0.3.1","0.3.2","0.4.0","0.4.1","0.5.1","0.5.2","0.6.1","0.6.2","0.6.3","0.6.4","0.6.5","0.6.6","2.0.0","2.1.0","2.1.1","2.2.0","2.2.1","2.2.2","2.2.3","2.2.4","2.2.5","2.2.6","2.2.7","2.2.8","2.2.9","2.3.0","2.3.1","2.3.2","2.4.0","2.5.0","2.5.1","2.6.0","2.6.1","2.6.2","2.7.0","2.7.1","3.0.0","3.0.0b1","3.0.0b3","3.0.0b4","3.0.0rc1","3.0.0rc2","3.0.0rc3","3.1.0","3.1.1","3.10.0","3.10.1","3.10.2","3.11.0","3.11.1","3.12.0","3.12.1","3.12.2","3.2.0","3.2.1","3.3.0","3.3.1","3.3.2","3.3.3","3.3.4","3.4.0","3.5.0","3.5.1","3.6.0","3.6.1","3.7.0","3.7.1","3.7.2","3.8.0","3.9.0","3.9.1","4.0.0","4.0.0b1","4.1.0","4.1.1","4.1.2","4.2.0","4.3.0","4.3.1","4.3.3","4.4.1","4.4.2","4.4.3","4.4.4","4.4.5","v2.0.0.beta.5","v2.0.0-beta.4","v2.0.0-beta.3","v2.0.0-beta.1","v2.0.0a5","v2.0.0a4","v2.0.0a3","v2.0.0a2"],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/blosc2/PYSEC-2020-343.yaml"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}