[SECURITY] Fedora 44 Update: nginx-mod-brotli-1.0.0~rc-10.fc44

NGINX module for Brotli compression...

[SECURITY] Fedora 42 Update: nginx-mod-brotli-1.0.0~rc-9.fc42

NGINX module for Brotli compression...

[SECURITY] Fedora 43 Update: nginx-mod-brotli-1.0.0~rc-9.fc43

NGINX module for Brotli compression...

[SECURITY] Fedora 44 Update: nginx-mod-brotli-1.0.0~rc-9.fc44

NGINX module for Brotli compression...

Improper Handling of Highly Compressed Data (Data Amplification)

Overview Affected versions of this package are vulnerable to Improper Handling of Highly Compressed Data Data Amplification in the HttpContentDecompressor and DelegatingDecompressorFrameListener components when the Content-Encoding header is set to br, zstd, or snappy. An attacker can exhaust...

[SECURITY] Fedora 44 Update: nginx-mod-brotli-1.0.0~rc-7.fc44

NGINX module for Brotli compression...

[SECURITY] Fedora 42 Update: nginx-mod-brotli-1.0.0~rc-6.fc42

NGINX module for Brotli compression...

[SECURITY] Fedora 43 Update: nginx-mod-brotli-1.0.0~rc-6.fc43

NGINX module for Brotli compression...

Scrapy: python-scrapy: brotli: Python brotli decompression bomb DoS

Scrapy are vulnerable to a denial of service DoS attack due to a flaw in its brotli decompression implementation. The protection mechanism against decompression bombs fails to mitigate the brotli variant, allowing remote servers to crash clients with less than 80GB of available memory. This occur...

[SECURITY] Fedora 42 Update: nginx-mod-brotli-1.0.0~rc-4.fc42

NGINX module for Brotli compression...

[SECURITY] Fedora 43 Update: nginx-mod-brotli-1.0.0~rc-4.fc43

NGINX module for Brotli compression...

EUVD-2016-3057

Malware in sbrugna...

RHEL 8 : brotli (RHSA-2021:1702)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:1702 advisory. Brotli is a generic-purpose lossless compression algorithm that compresses data using a combination of a modern variant of the LZ77 algorithm, Huffma...

[SECURITY] Fedora 32 Update: brotli-1.0.9-3.fc32

Brotli is a generic-purpose lossless compression algorithm that compresses data using a combination of a modern variant of the LZ77 algorithm, Huffman coding and 2nd order context modeling, with a compression ratio comparable to the best currently available general-purpose compression methods. It...

CVE-2016-1624

Integer underflow in the ProcessCommandsInternal function in dec/decode.c in Brotli, as used in Google Chrome before 48.0.2564.109, allows remote attackers to cause a denial of service buffer overflow or possibly have unspecified other impact via crafted data with brotli compression...

Integer overflow

Integer underflow in the ProcessCommandsInternal function in dec/decode.c in Brotli, as used in Google Chrome before 48.0.2564.109, allows remote attackers to cause a denial of service buffer overflow or possibly have unspecified other impact via crafted data with brotli compression...

CVE-2016-1624

Integer underflow in the ProcessCommandsInternal function in dec/decode.c in Brotli, as used in Google Chrome before 48.0.2564.109, allows remote attackers to cause a denial of service buffer overflow or possibly have unspecified other impact via crafted data with brotli compression...

UBUNTU-CVE-2016-1931

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors related to uninitialized memory encountered during brotli data...