313 matches found

GitHub Security Blog
added 2022/05/13 1:7 a.m. · 29 views

Uncontrolled Resource Consumption in Apache Commons Compress

Algorithmic complexity vulnerability in the sorting algorithms in bzip2 compressing stream (BZip2CompressorOutputStream) in Apache Commons Compress before 1.4.1 allows remote attackers to cause a denial of service (CPU consumption) via a file with many repeating inputs...

5 CVSS · 5.8 AI score · 0.01834 EPSS
Exploits 1 · References 31 · Affected Software 1

CNNVD
added 2022/04/14 12:0 a.m. · 1 views

AT&T Labs Xmill Buffer Error Vulnerability

AT&T Labs Xmill is a new tool for efficiently compressing XML data from AT&T Labs. A buffer error vulnerability exists in AT&T Labs' compressor XMill and decompressor XDemill, which could be exploited by an attacker to cause code execution with elevated privileges on an engineering workstation. T...

9.8 CVSS · 8.4 AI score · 0.06696 EPSS
Exploits 0 · References 5

OpenVAS
added 2021/08/26 12:0 a.m. · 24 views

SUSE: Security Advisory (SUSE-SU-2021:2834-1)

The remote host is missing an update for the...

10 CVSS · 9 AI score · 0.02433 EPSS
Exploits 9 · References 6

CNNVD
added 2021/08/12 12:0 a.m. · 0 views

AT&T Labs Xmill Buffer Error Vulnerability

Xmill is an efficient compressor of XML data. A stack buffer overflow vulnerability exists in the command line parsing HandleFileArg function in Xmill version 0.7. An attacker could exploit the vulnerability by providing malicious input via the filepattern parameter to cause a denial of service...

7.8 CVSS · 6 AI score · 0.0006 EPSS
Exploits 1 · References 5

OpenVAS
added 2021/06/09 12:0 a.m. · 26 views

SUSE: Security Advisory (SUSE-SU-2018:0862-1)

The remote host is missing an update for the...

10 CVSS · 9 AI score · 0.02433 EPSS
Exploits 8 · References 7

OSV
added 2021/06/08 12:15 p.m. · 1 views

UBUNTU-CVE-2021-26260

An integer overflow leading to a heap-buffer overflow was found in the DwaCompressor of OpenEXR in versions before 3.0.1. An attacker could use this flaw to crash an application compiled with OpenEXR. This is a different flaw from CVE-2021-23215...

5.5 CVSS · 6.8 AI score · 0.00556 EPSS
Exploits 0 · References 7

CNVD
added 2021/01/20 12:0 a.m. · 1 views

DLL hijacking vulnerability in FlyPress compression software

Flying Pressure Compressor is a compression and decompression software. FlyPress Compressor has a DLL hijacking vulnerability that can be exploited by attackers to gain control of the server...

7.4 AI score
Exploits 0

Positive Technologies
added 2021/01/16 12:0 a.m. · 2 views

PT-2021-4596 · Openexr +4

Name of the Vulnerable Software and Affected Versions: OpenEXR versions prior to 3.0.1. Description: The issue is related to an integer overflow leading to a heap-buffer overflow in the DwaCompressor component of OpenEXR. This flaw can be exploited by an attacker to crash an application compiled...

8.8 CVSS · 6.1 AI score · 0.01029 EPSS
Exploits 5 · References 134

Positive Technologies
added 2021/01/08 12:0 a.m. · 2 views

PT-2021-4553 · Openexr +4

Name of the Vulnerable Software and Affected Versions: OpenEXR versions prior to 3.0.1. Description: The issue is related to an integer overflow leading to a heap-buffer overflow in the DwaCompressor component of OpenEXR. This flaw can be exploited by an attacker to cause a denial of service,...

8.8 CVSS · 6.2 AI score · 0.01029 EPSS
Exploits 5 · References 133

CNVD
added 2020/10/29 12:0 a.m. · 3 views

LEPTON ma*** function has a heap out-of-bounds write vulnerability

LEPTON is a new lossless compression algorithm open-sourced by Dropbox, capable of lossless compression of JPEG images by an average of 22%. A heap out-of-bounds write vulnerability exists in the LEPTON ma function. An attacker can exploit this vulnerability to cause a program crash...

7 AI score
Exploits 0

OpenVAS
added 2020/10/11 12:0 a.m. · 25 views

Fedora: Security Advisory for golang-github-andybalholm-brotli (FEDORA-2020-e21bd401ad)

The remote host is missing an update for the...

6.5 CVSS · 7 AI score · 0.0031 EPSS
Exploits 0 · References 2

Fedora
added 2020/10/10 10:7 p.m. · 25 views

[SECURITY] Fedora 31 Update: golang-github-andybalholm-brotli-1.0.1-1.fc31

This package is a brotli compressor and decompressor implemented in Go. It was translated from the reference implementation https://github.com/google/brotli with the c2go tool at https://github.com/andybalholm/c2go...

6.5 CVSS · 0.7 AI score · 0.0031 EPSS
Exploits 0

Fedora
added 2020/10/10 9:59 p.m. · 26 views

[SECURITY] Fedora 32 Update: golang-github-andybalholm-brotli-1.0.1-1.fc32

This package is a brotli compressor and decompressor implemented in Go. It was translated from the reference implementation https://github.com/google/brotli with the c2go tool at https://github.com/andybalholm/c2go...

6.5 CVSS · 0.7 AI score · 0.0031 EPSS
Exploits 0

Fedora
added 2020/10/06 12:17 a.m. · 22 views

[SECURITY] Fedora 33 Update: golang-github-andybalholm-brotli-1.0.1-1.fc33

This package is a brotli compressor and decompressor implemented in Go. It was translated from the reference implementation https://github.com/google/brotli with the c2go tool at https://github.com/andybalholm/c2go...

6.5 CVSS · 0.7 AI score · 0.0031 EPSS
Exploits 0

OpenVAS
added 2020/10/06 12:0 a.m. · 13 views

Fedora: Security Advisory for golang-github-andybalholm-brotli (FEDORA-2020-22d278923a)

The remote host is missing an update for the...

6.5 CVSS · 7 AI score · 0.0031 EPSS
Exploits 0 · References 2

OSV
added 2020/04/14 11:15 p.m. · 1 views

DEBIAN-CVE-2020-11765

An issue was discovered in OpenEXR before 2.4.1. There is an off-by-one error in use of the ImfXdr.h read function by DwaCompressor::Classifier::Classifier, leading to an out-of-bounds read...

5.5 CVSS · 6.7 AI score · 0.00372 EPSS
Exploits 1 · References 1

OSV
added 2020/04/14 11:15 p.m. · 1 views

DEBIAN-CVE-2020-11762

An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read and write in DwaCompressor::uncompress in ImfDwaCompressor.cpp when handling the UNKNOWN compression case...

5.5 CVSS · 6.7 AI score · 0.00372 EPSS
Exploits 1 · References 1

OSV
added 2020/04/14 11:15 p.m. · 1 views

AZL-44829 CVE-2020-11765 affecting package OpenEXR 2.3.0-6

An issue was discovered in OpenEXR before 2.4.1. There is an off-by-one error in use of the ImfXdr.h read function by DwaCompressor::Classifier::Classifier, leading to an out-of-bounds read...

5.5 CVSS · 6.7 AI score · 0.00372 EPSS
Exploits 1 · References 1

CNVD
added 2020/03/17 12:0 a.m. · 1 views

Pulverizr Injection Vulnerability

pulverizr is an image compressor. A security vulnerability exists in pulverizr 0.7.0 and earlier versions, which stems from a failure to sanitize the 'filename' parameter, which is used directly by the function. The vulnerability can be exploited to execute arbitrary commands...

9.8 CVSS · 7.4 AI score · 0.00426 EPSS
Exploits 1 · References 1

CNVD
added 2020/02/12 12:0 a.m. · 1 views

Foxit PDF Compression Master DLL Hijacking Vulnerability

Foxit PDF Compression Master is a document compression software. Foxit PDF Compressor has a DLL hijacking vulnerability. An attacker can exploit this vulnerability to load a fake malicious DLL file...

6.9 AI score
Exploits 0