3660 matches found
EUVD-2022-51474
Malicious code in bioql PyPI...
EUVD-2023-52302
Malicious code in bioql PyPI...
EUVD-2025-18585
Malicious code in bioql PyPI...
EUVD-2021-30248
Malicious code in bioql PyPI...
EUVD-2024-49228
Malicious code in bioql PyPI...
RLSA-2025:8047 Moderate: unbound security update
The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: unbound: Unbounded name compression could lead to Denial of Service CVE-2024-8508 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...
[SECURITY] Fedora 41 Update: rust-astral-tokio-tar-0.5.5-1.fc41
A Rust implementation of an async TAR file reader and writer. This library does not currently handle compression, but it is abstract over all I/O readers and writers. Additionally, great lengths are taken to ensure that the entire contents are never required to be entirely resident in memory all ...
[SECURITY] Fedora 42 Update: rust-astral-tokio-tar-0.5.5-1.fc42
A Rust implementation of an async TAR file reader and writer. This library does not currently handle compression, but it is abstract over all I/O readers and writers. Additionally, great lengths are taken to ensure that the entire contents are never required to be entirely resident in memory all ...
[SECURITY] Fedora 43 Update: rust-astral-tokio-tar-0.5.5-1.fc43
A Rust implementation of an async TAR file reader and writer. This library does not currently handle compression, but it is abstract over all I/O readers and writers. Additionally, great lengths are taken to ensure that the entire contents are never required to be entirely resident in memory all ...
jose4j: jose4j: Denial of Service via malicious JSON Web Encryption (JWE) token compression
A flaw was found in jose4j. A remote attacker can exploit this by crafting a malicious JSON Web Encryption JWE token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression. This...
netty-codec: netty-codec-compression: Netty's BrotliDecoder is vulnerable to DoS via zip bomb style attack
A flaw was found in Netty. With specially crafted input, BrotliDecoder and some other decompressing decoders will allocate a large number of reachable byte buffers, which can lead to denial of service...
CVE-2025-39924
In the Linux kernel, the following vulnerability has been resolved: erofs: fix invalid algorithm for encoded extents The current algorithm sanity checks do not properly apply to new encoded extents. Unify the algorithm check with ZEROFSCOMPRESSIONRUNTIMEMAX and ensure consistency with...
SUSE CVE-2025-39924
In the Linux kernel, the following vulnerability has been resolved: erofs: fix invalid algorithm for encoded extents The current algorithm sanity checks do not properly apply to new encoded extents. Unify the algorithm check with ZEROFSCOMPRESSIONRUNTIMEMAX and ensure consistency with...
CVE-2025-39924
In the Linux kernel, the following vulnerability has been resolved: erofs: fix invalid algorithm for encoded extents The current algorithm sanity checks do not properly apply to new encoded extents. Unify the algorithm check with ZEROFSCOMPRESSIONRUNTIMEMAX and ensure consistency with...
UBUNTU-CVE-2025-39924
In the Linux kernel, the following vulnerability has been resolved: erofs: fix invalid algorithm for encoded extents The current algorithm sanity checks do not properly apply to new encoded extents. Unify the algorithm check with ZEROFSCOMPRESSIONRUNTIMEMAX and ensure consistency with...
CVE-2025-39924 erofs: fix invalid algorithm for encoded extents
In the Linux kernel, the following vulnerability has been resolved: erofs: fix invalid algorithm for encoded extents The current algorithm sanity checks do not properly apply to new encoded extents. Unify the algorithm check with ZEROFSCOMPRESSIONRUNTIMEMAX and ensure consistency with...
CVE-2025-39924
The CVE-2025-39924 issue concerns the Linux kernel erofs subsystem: encoded extents with an invalid algorithm check. The problem was that the existing sanity checks did not properly apply to the new encoded extents, and the fix unifies the algorithm check with Z_EROFS_COMPRESSION(_RUNTIME)_MAX an...
CVE-2025-39924 erofs: fix invalid algorithm for encoded extents
In the Linux kernel, the following vulnerability has been resolved: erofs: fix invalid algorithm for encoded extents The current algorithm sanity checks do not properly apply to new encoded extents. Unify the algorithm check with ZEROFSCOMPRESSIONRUNTIMEMAX and ensure consistency with...
CVE-2025-39924 erofs: fix invalid algorithm for encoded extents
In the Linux kernel, the following vulnerability has been resolved: erofs: fix invalid algorithm for encoded extents The current algorithm sanity checks do not properly apply to new encoded extents. Unify the algorithm check with ZEROFSCOMPRESSIONRUNTIMEMAX and ensure consistency with...
PT-2025-40098
Name of the Vulnerable Software and Affected Versions Linux Kernel affected versions not specified Description The Linux kernel contains an issue within the erofs filesystem related to encoded extents. The algorithm sanity checks do not correctly apply to new encoded extents, leading to...