CVE-2026-26308

creationtimestamp| type| source ---|---|--- 2026-04-22 14:51:28+00:00| seen| https://gist.github.com/macaugh/0db1c6ca007245a29a114a7a574042bb...

CVE-2026-26308 Envoy has an RBAC Header Validation Bypass via Multi-Value Header Concatenation

Envoy is a high-performance edge/middle/service proxy. Prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13, the Envoy RBAC Role-Based Access Control filter contains a logic vulnerability in how it validates HTTP headers when multiple values are present for the same header name. Instead of validating eac...

Security Bulletin: IBM Engineering Lifecycle Management - Jazz Foundation is impacted by vulnerabilities in Apache Commons Compress

Summary Vulnerabilities have been identified in Apache Commons Compress, which is used in IBM Engineering Lifecycle Management - Jazz Foundation. Vulnerability Details CVEID:CVE-2024-25710 DESCRIPTION: Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in Apache Commons...

CVE-2021-26308

An issue was discovered in the marc crate before 2.0.0 for Rust. A user-provided Read implementation can gain access to the old contents of newly allocated memory, violating soundness...

CVE-2020-26308

Validate.js provides a declarative way of validating javascript objects. Versions 0.13.1 and prior contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service ReDoS. As of time of publication, no known patches are available...

Security Bulletin: Vulnerability in commons-compress affects IBM Integrated Analytics System (Sailfish) [CVE-2024-25710, CVE-2024-26308]

Summary The commons-compress package is used by IBM Integrated Analytics System . IBM Integrated Analytics System has addressed the applicable CVECVE-2024-25710, CVE-2024-26308. Vulnerability Details CVEID:CVE-2024-25710 DESCRIPTION: Loop with Unreachable Exit Condition 'Infinite Loop'...

Security Bulletin: Vulnerability in commons-compress affects IBM Cloud Pak for Data System 1.0(CPDS 1.0)[CVE-2024-25710, CVE-2024-26308].

Summary The commons-compress package is used by IBM Cloud Pak for Data System 1.0. IBM Cloud Pak for Data System 1.0 has addressed the applicable CVE CVE-2024-25710, CVE-2024-26308. Vulnerability Details CVEID:CVE-2024-25710 DESCRIPTION: Loop with Unreachable Exit Condition 'Infinite Loop'...

Security Bulletin: Denial of Service in Apache Commons Compress used by Apache Solr affect IBM Operations Analytics - Log Analysis (CVE-2024-25710, CVE-2024-26308)

Summary There is a potential denial of service in Apache Commons Compress that is used by Apache Solr and IBM Operations Analytics - Log Analysis. This is caused by loop with unreachable exit condition and allocation of resources without limits. Vulnerability Details CVEID:CVE-2024-25710...

Security Bulletin: IBM Sterling Control Center is vulnerable to Apache Commons Compress (CVE-2024-26308, CVE-2024-25710)

Summary Apache Commons Compress jar vulnerabilities are impacting IBM Sterling Control Center v6.3.1 and v6.2.1. Vulnerability Details CVEID:CVE-2024-26308 DESCRIPTION: Allocation of Resources Without Limits or Throttling vulnerability in Apache Commons Compress.This issue affects Apache Commons...

Security Bulletin: Vulnerabilities in commons-compress-1.21.jar affects IBM SPSS Collaboration and Deployment Services (CVE-2024-25710, CVE-2024-26308)

Summary There are vulnerabilities in commons-compress-1.21.jar used by IBM SPSS Collaboration and Deployment Services CVE-2024-25710, CVE-2024-26308. These vulnerabilitiies have been addressed. Please read the details for remediation below. Vulnerability Details CVEID:CVE-2024-25710 DESCRIPTION:...

Linux Distros Unpatched Vulnerability : CVE-2024-26308

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Allocation of Resources Without Limits or Throttling vulnerability in Apache Commons Compress.This issue affects Apache Commons Compress: from 1.21 before 1.26...

CVE-2025-26308

creationtimestamp| type| source ---|---|--- 2025-02-20 19:00:29+00:00| seen| https://t.me/cvedetector/18562 2025-02-24 18:26:39+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/5197...

CVE-2025-26308

A memory leak has been identified in the parseSWFFILTERLIST function in util/parser.c of libming v0.4.8, which allows attackers to cause a denial of service via a crafted SWF file...

CVE-2025-26308

A memory leak has been identified in the parseSWFFILTERLIST function in util/parser.c of libming v0.4.8, which allows attackers to cause a denial of service via a crafted SWF file...

CVE-2025-26308

A memory leak has been identified in the parseSWFFILTERLIST function in util/parser.c of libming v0.4.8, which allows attackers to cause a denial of service via a crafted SWF file...

CVE-2025-26308

CVE-2025-26308 affects libming v0.4.8, where a memory leak in parseSWF_FILTERLIST (util/parser.c) can be triggered by a crafted SWF file to cause denial of service. The linked sources corroborate the issue across multiple feeds (NVD, Red Hat, Veracode, OSV, etc.), all citing the same memory-leak ...

Security Bulletin: Vulnerability in Apache commons-compress affects watsonx.data

Summary Apache Commons Compress is vulnerable to a denial of service attack and this could affect watsonx.data. Vulnerability Details CVEID:CVE-2024-26308 DESCRIPTION: Apache Commons Compress is vulnerable to a denial of service, caused by an out of memory error. By persuading a victim to open a...

Security Bulletin: IBM Event Streams is vulnerable to a denial of service attack due to the Apache Commons Compress component (CVE-2024-25710, CVE-2024-26308).

Summary IBM Event Streams is vulnerable to a denial of service due to the Apache Commons Compress component. Commons Compress is a library that creates a standard interface for the most widely used compression and archiving formats. Vulnerability Details CVEID:CVE-2024-25710 DESCRIPTION: Apache...

Security Bulletin: Vulnerability in Apache Commons Compress ( CVE-2024-26308) may affect IBM watsonx Assistant for IBM Cloud Pak for Data

Summary A potential vulnerability CVE-2024-26308 has been identified related to Apache Commons Compress that may affect IBM watsonx Assistant for IBM Cloud Pak for Data. vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2024-26308...

CVE-2020-26308

creationtimestamp| type| source ---|---|--- 2024-10-27 00:00:57+00:00| seen| https://t.me/cvedetector/9035...