[SECURITY] Fedora 41 Update: p7zip-16.02-31.fc41

p7zip is a port of 7za.exe for Unix. 7-Zip is a file archiver with a very high compression ratio. The original version can be found at http://www.7-zip.org/...

FreeBSD : Unbound -- Denial of service attack (2368755b-83f6-11ef-8d2e-a04a5edf46d9)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 2368755b-83f6-11ef-8d2e-a04a5edf46d9 advisory. NLnet labs report: A vulnerability has been discovered in Unbound when handling replies with very large...

[SECURITY] Fedora 40 Update: p7zip-16.02-31.fc40

p7zip is a port of 7za.exe for Unix. 7-Zip is a file archiver with a very high compression ratio. The original version can be found at http://www.7-zip.org/...

SUSE CVE-2024-8508

NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs to perform name compression for. Malicious upstreams responses with very large RRsets can cause Unbound to spend a considerable time applying name compression ...

DEBIAN-CVE-2024-8508

NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs to perform name compression for. Malicious upstreams responses with very large RRsets can cause Unbound to spend a considerable time applying name compression ...

ALPINE-CVE-2024-8508

NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs to perform name compression for. Malicious upstreams responses with very large RRsets can cause Unbound to spend a considerable time applying name compression ...

AZL-49915 CVE-2024-8508 affecting package unbound for versions less than 1.19.1-4

NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs to perform name compression for. Malicious upstreams responses with very large RRsets can cause Unbound to spend a considerable time applying name compression ...

AZL-49976 CVE-2024-8508 affecting package unbound for versions less than 1.19.1-3

NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs to perform name compression for. Malicious upstreams responses with very large RRsets can cause Unbound to spend a considerable time applying name compression ...

UBUNTU-CVE-2024-8508

NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs to perform name compression for. Malicious upstreams responses with very large RRsets can cause Unbound to spend a considerable time applying name compression ...

CVE-2024-8508 Unbounded name compression could lead to Denial of Service

NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs to perform name compression for. Malicious upstreams responses with very large RRsets can cause Unbound to spend a considerable time applying name compression ...

CVE-2024-8508

NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs to perform name compression for. Malicious upstreams responses with very large RRsets can cause Unbound to spend a considerable time applying name compression ...

CVE-2024-8508 Unbounded name compression could lead to Denial of Service

NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs to perform name compression for. Malicious upstreams responses with very large RRsets can cause Unbound to spend a considerable time applying name compression ...

CVE-2024-8508

CVE-2024-8508 affects NLnet Labs Unbound up to v1.21.0, where handling replies with very large RRsets during name compression could exhaust CPU and cause DoS under crafted queries from malicious upstreams. The public-risk detail is supported by multiple sources in connected documents, which state...

CVE-2024-8508

NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs to perform name compression for. Malicious upstreams responses with very large RRsets can cause Unbound to spend a considerable time applying name compression ...

NLnet Unbound 安全漏洞

NLnet Unbound is an open source DNS server from the Dutch NLnet team. A security vulnerability exists in NLnet Unbound version 1.21.0 and earlier, which stems from a name compression operation that needs to be performed when processing replies containing very large RRsets, which could result in a...

PT-2024-39063

Name of the Vulnerable Software and Affected Versions: NLnet Labs Unbound versions 1.21.0 and earlier Description: The issue arises when handling replies with very large RRsets that require name compression. Malicious upstream responses with very large RRsets can cause Unbound to spend a...

Unbound -- Denial of service attack

NLnet labs report: A vulnerability has been discovered in Unbound when handling replies with very large RRsets that Unbound needs to perform name compression for. Malicious upstreams responses with very large RRsets can cause Unbound to spend a considerable time applying name compression to...

CVE-2024-47611

XZ Utils provide a general-purpose data-compression library plus command-line tools. When built for native Windows MinGW-w64 or MSVC, the command line tools from XZ Utils 5.6.2 and older have a command line argument injection vulnerability. If a command line contains Unicode characters for exampl...

CVE-2024-47611 XZ Utils on Microsoft Windows platform are vulnerable to argument injection

XZ Utils provide a general-purpose data-compression library plus command-line tools. When built for native Windows MinGW-w64 or MSVC, the command line tools from XZ Utils 5.6.2 and older have a command line argument injection vulnerability. If a command line contains Unicode characters for exampl...

PT-2024-40590 · Git +1 · Libultrahdr

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash caused by the use of an uninitialized value. The crash occurs in the format message function, which is called by...