Rish9101

**Name of the Vulnerable Software and Affected Versions** C-blosc2 versions prior to 2.9.3 **Description** The issue is related to a NULL pointer dereference in the function `zfp prec decompress` at `zfp/blosc2-zfp.c`. This indicates a problem where the code attempts to access memory through a pointer that has not been initialized, leading to potential crashes or other unexpected behavior. **Recommendations** For versions prior to 2.9.3, update to version 2.9.3 or later to resolve the issue. As a temporary workaround, consider disabling the `zfp prec decompress` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** C-blosc2 versions prior to 2.9.3 **Description** The issue is related to a NULL pointer dereference in the ndlz/ndlz8x8.c file of C-blosc2. This occurs when a NULL pointer is passed to the memset function. **Recommendations** For versions prior to 2.9.3, update to version 2.9.3 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** C-blosc2 versions prior to 2.9.3 **Description** The issue is related to a NULL pointer dereference in the `zfp acc decompress` function, located in the zfp/blosc2-zfp.c file. This indicates a problem where the software attempts to access memory through a null, or non-existent, pointer, which can lead to crashes or potentially allow an attacker to execute arbitrary code. **Recommendations** For versions prior to 2.9.3, update to version 2.9.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the `zfp acc decompress` function until a patch is applied.

**Name of the Vulnerable Software and Affected Versions** C-blosc2 versions prior to 2.9.3 **Description** The issue is related to a NULL pointer dereference in the function `zfp rate decompress` at `zfp/blosc2-zfp.c`. This indicates a problem where the code attempts to access memory through a null (non-existent) pointer, which can lead to crashes or potentially allow an attacker to execute arbitrary code. **Recommendations** For versions prior to 2.9.3, update to version 2.9.3 or later to resolve the issue. As a temporary workaround, consider disabling the `zfp rate decompress` function until a patch is available.