CVE-2023-37188
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2023-37188
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-37188.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2023-37188
- Published
- 2023-12-25T07:15:09Z
- Modified
- 2025-10-16T09:59:44.344735Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
C-blosc2 before 2.9.3 was discovered to contain a NULL pointer dereference via the function zfpratedecompress at zfp/blosc2-zfp.c.
- References
Affected packages
Git / github.com/blosc/c-blosc2
Affected ranges
- Type
- GIT
- Repo
- https://github.com/blosc/c-blosc2
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
v2.*
v2.0.0
v2.0.0-beta.1
v2.0.0-beta.2
v2.0.0-beta.3
v2.0.0-beta.4
v2.0.0-rc2
v2.0.0.beta.5
v2.0.0.rc1
v2.0.0a2
v2.0.0a3
v2.0.0a4
v2.0.0a5
v2.0.1
v2.0.2
v2.0.3
v2.0.4
v2.1.0
v2.1.1
v2.2.0
v2.3.0
v2.3.1
v2.4.0
v2.4.1
v2.4.2
v2.4.3
v2.5.0
v2.6.0
v2.6.1
v2.7.0
v2.7.1
v2.8.0
v2.9.0
v2.9.1
v2.9.2
Database specific
{
"vanir_signatures": [
{
"source": "https://github.com/blosc/c-blosc2/commit/425e8a9a59d49378d57e2116b6c9b0190a5986f5",
"signature_type": "Function",
"target": {
"file": "plugins/codecs/zfp/blosc2-zfp.c",
"function": "zfp_acc_decompress"
},
"id": "CVE-2023-37188-243262aa",
"digest": {
"function_hash": "94127332930328714979693753838572680684",
"length": 2092.0
},
"deprecated": false,
"signature_version": "v1"
},
{
"source": "https://github.com/blosc/c-blosc2/commit/425e8a9a59d49378d57e2116b6c9b0190a5986f5",
"signature_type": "Function",
"target": {
"file": "plugins/codecs/zfp/blosc2-zfp.c",
"function": "zfp_rate_decompress"
},
"id": "CVE-2023-37188-4f2d316c",
"digest": {
"function_hash": "84999816630490408576061315651453273397",
"length": 2126.0
},
"deprecated": false,
"signature_version": "v1"
},
{
"source": "https://github.com/blosc/c-blosc2/commit/425e8a9a59d49378d57e2116b6c9b0190a5986f5",
"signature_type": "Line",
"target": {
"file": "plugins/codecs/zfp/blosc2-zfp.c"
},
"id": "CVE-2023-37188-5aea0ff0",
"digest": {
"threshold": 0.9,
"line_hashes": [
"161527728979400029412440444892036809933",
"21137111373737748289023170854430580492",
"140013078349516273885791395039023446130",
"214791312930363697288435407393345526869",
"30279173499786461662774045591952334647",
"17059637026080409842366646942312157571",
"289805975329791131923105996838758108189",
"17317268047504292008235798067686073659",
"161527728979400029412440444892036809933",
"147684375185758393188901203572542378077",
"69813893332901692759865926115812557276",
"307567409048620837880448517465486490573",
"30279173499786461662774045591952334647",
"17059637026080409842366646942312157571",
"289805975329791131923105996838758108189",
"17317268047504292008235798067686073659",
"161527728979400029412440444892036809933",
"301784655629111742594683156765617453306",
"223991770995064550130844361093166911378",
"50378428659861916935466505186264407059",
"30279173499786461662774045591952334647",
"17059637026080409842366646942312157571",
"289805975329791131923105996838758108189",
"17317268047504292008235798067686073659"
]
},
"deprecated": false,
"signature_version": "v1"
},
{
"source": "https://github.com/blosc/c-blosc2/commit/425e8a9a59d49378d57e2116b6c9b0190a5986f5",
"signature_type": "Function",
"target": {
"file": "plugins/codecs/zfp/blosc2-zfp.c",
"function": "zfp_rate_compress"
},
"id": "CVE-2023-37188-5e3a8272",
"digest": {
"function_hash": "213766312587182360207495961885289091047",
"length": 3060.0
},
"deprecated": false,
"signature_version": "v1"
},
{
"source": "https://github.com/blosc/c-blosc2/commit/425e8a9a59d49378d57e2116b6c9b0190a5986f5",
"signature_type": "Function",
"target": {
"file": "plugins/codecs/zfp/blosc2-zfp.c",
"function": "zfp_prec_compress"
},
"id": "CVE-2023-37188-ec4f3bbf",
"digest": {
"function_hash": "33668023146656601829651730774272162036",
"length": 3082.0
},
"deprecated": false,
"signature_version": "v1"
},
{
"source": "https://github.com/blosc/c-blosc2/commit/425e8a9a59d49378d57e2116b6c9b0190a5986f5",
"signature_type": "Function",
"target": {
"file": "plugins/codecs/zfp/blosc2-zfp.c",
"function": "zfp_acc_compress"
},
"id": "CVE-2023-37188-fde65889",
"digest": {
"function_hash": "155714164167155645323941631240721333322",
"length": 2701.0
},
"deprecated": false,
"signature_version": "v1"
},
{
"source": "https://github.com/blosc/c-blosc2/commit/425e8a9a59d49378d57e2116b6c9b0190a5986f5",
"signature_type": "Function",
"target": {
"file": "plugins/codecs/zfp/blosc2-zfp.c",
"function": "zfp_prec_decompress"
},
"id": "CVE-2023-37188-ff2f781f",
"digest": {
"function_hash": "292854444698699780685408884530219144817",
"length": 2473.0
},
"deprecated": false,
"signature_version": "v1"
}
]
}