All 5 CVE vulnerabilities found in xz, with AI-generated Chinese analysis, references, and POCs.
Vendor: ulikunitz
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-34743 | XZ Utils: Buffer overflow in lzma_index_append() CWE-122 | 7.5AI | HighAI | 2026-04-02 |
| CVE-2025-58058 | github.com/ulikunitz/xz leaks memory when decoding a corrupted multiple LZMA archives CWE-770 | 5.3 | Medium | 2025-08-28 |
| CVE-2025-31115 | XZ has a heap-use-after-free bug in threaded .xz decoder CWE-366 | 7.5AI | HighAI | 2025-04-03 |
| CVE-2024-47611 | XZ Utils on Microsoft Windows platform are vulnerable to argument injection CWE-88 | 9.4 | - | 2024-10-02 |
| CVE-2021-29482 | denial of service in github.com/ulikunitz/xz CWE-835 | 7.5 | High | 2021-04-28 |
All 5 known CVE vulnerabilities affecting xz with full Chinese analysis, references, and POCs where available.