3 matches found
Security Bulletin: IBM DataPower Gateway vulnerable to Denial of Service due to use of Bytes (CVE-2026-25541)
Summary IBM DataPower Gateway uses Bytes in the 'Gateway Peering' feature, and in 10.6.0 and 10.6CD only the 'GitOps' feature. Vulnerability Details CVEID:CVE-2026-25541 DESCRIPTION: Bytes is a utility library for working with bytes. From version 1.2.1 to before 1.11.1, Bytes is vulnerable to...
Security Bulletin: IBM Edge Data Collector uses bytes-1.10.0.crate which is vulnerable to CVE-2026-25541.
Summary IBM Edge Data Collector uses bytes-1.10.0.crate which is vulnerable to CVE-2026-25541. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-25541 DESCRIPTION: Bytes is a utility library for working with bytes. From version 1.2.1 to before...
CVE-2026-25541
Bytes is a utility library for working with bytes. From version 1.2.1 to before 1.11.1, Bytes is vulnerable to integer overflow in BytesMut::reserve. In the unique reclaim path of BytesMut::reserve, if the condition "vcapacity = newcap + offset" uses an unchecked addition. When newcap + offset...