jetty-server: Jetty: Gzip Request Body Buffer Corruption

A flaw was found in Eclipse Jetty. This vulnerability allows corrupted and inadvertent data sharing between requests via a gzip error when inflating a request body. If the request body is malformed, the gzip decompression process can fail, resulting in the application inadvertently using data fro...

jetty-server: Jetty: Gzip Request Body Buffer Corruption

A flaw was found in Eclipse Jetty. This vulnerability allows corrupted and inadvertent data sharing between requests via a gzip error when inflating a request body. If the request body is malformed, the gzip decompression process can fail, resulting in the application inadvertently using data fro...

CVE-2025-6199

A flaw was found in the GIF parser of GdkPixbuf’s LZW decoder. When an invalid symbol is encountered during decompression, the decoder sets the reported output size to the full buffer length rather than the actual number of written bytes. This logic error results in uninitialized sections of the...

CVE-2020-14104

A RACE CONDITION on XQBACKUP causes a decompression path error on Xiaomi router AX3600 with ROM version =1.0.50...

ALSA-2025:0733 Moderate: bzip2 security update

The bzip2 packages contain a freely available, high-quality data compressor. It provides both standalone compression and decompression utilities, as well as a shared library for use with other programs. Security Fixes: bzip2: bzip2: Data integrity error when decompressing with data integrity test...

`ruzstd` uninit and out-of-bounds memory reads

Affected versions of ruzstd miscalculate the length of the allocated and init section of its internal RingBuffer, leading to uninitialized or out-of-bounds reads in copybytesovershooting of up to 15 bytes. This may result in up to 15 bytes of memory contents being written into the decoded data wh...

CVE-2020-14104

A RACE CONDITION on XQBACKUP causes a decompression path error on Xiaomi router AX3600 with ROM version =1.0.50...

Race condition

A RACE CONDITION on XQBACKUP causes a decompression path error on Xiaomi router AX3600 with ROM version =1.0.50...

CVE-2020-14104

A RACE CONDITION on XQBACKUP causes a decompression path error on Xiaomi router AX3600 with ROM version =1.0.50...

AZL-6342 CVE-2021-28831 affecting package busybox for versions less than 1.32.0-2

decompressgunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huftbuild result pointer, with a resultant invalid free or segmentation fault, via malformed gzip data...

CentOS 7 : libarchive (RHSA-2020:0203)

The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:0203 advisory. - archivereadformatrarreaddata in archivereadsupportformatrar.c in libarchive before 3.4.0 has a use-after-free in a certain ARCHIVEFAILED situation, related to...

libarchive: use-after-free in archive_read_format_rar_read_data when there is an error in the decompression of an archive entry

A use-after-free vulnerability was discovered in libarchive in the way it processes RAR archives when there is an error in one of the archive's entries. An application that accepts untrusted RAR archives may be vulnerable to this flaw, which could allow a remote attacker to cause a denial of...

libarchive: use-after-free in archive_read_format_rar_read_data when there is an error in the decompression of an archive entry

A use-after-free vulnerability was discovered in libarchive in the way it processes RAR archives when there is an error in one of the archive's entries. An application that accepts untrusted RAR archives may be vulnerable to this flaw, which could allow a remote attacker to cause a denial of...

libarchive: use-after-free in archive_read_format_rar_read_data when there is an error in the decompression of an archive entry

A use-after-free vulnerability was discovered in libarchive in the way it processes RAR archives when there is an error in one of the archive's entries. An application that accepts untrusted RAR archives may be vulnerable to this flaw, which could allow a remote attacker to cause a denial of...

UBUNTU-CVE-2018-16402

libelf/elfend.c in elfutils 0.173 allows remote attackers to cause a denial of service double free and application crash or possibly have unspecified other impact because it tries to decompress twice...

Backup Copy or Replication job using WAN accelerators fails with "Source WAN accelerator error: Failed to decompress LZ4 block"

Challenge A Backup Copy or Replication job that uses WAN accelerator fails with any of the following errors: Error: Source WAN accelerator error: Failed to decompress LZ4 block: Bad crc Error: Source WAN accelerator error: Failed to decompress LZ4 block: Incorrect decompression result or length...

wireshark: The WCP dissector could crash while decompressing data (wnpa-sec-2015-07)

epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 does not properly initialize a data structure, which allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted packet that is improperly...

CVE-2015-4471

Off-by-one error in the lzxddecompress function in lzxd.c in libmspack before 0.5 allows remote attackers to cause a denial of service buffer under-read and application crash via a crafted CAB archive...

Fedora 21 : pigz-2.3.3-1.fc21 (2015-1488)

Update to 2.3.3, fixes CVE-2015-1191 : - Return zero exit code when only warnings are issued - Increase speed of unlzw Unix compress decompression - Update zopfli to current google state - Allow larger maximum blocksize -b, now 512 MiB - Do not require that -d precede -N, -n, -T options - Strip a...

Zlib decompression error: [-3] | Failed to decompress LZ4 block

Challenge A Backup Job or Restore fails with either of the following errors: Zlib decompression error: -3. or Failed to decompress LZ4 block: Cause When the software reads from a an existing restore point it performs error detection using Cyclic Redundancy Checks CRC to validate the data. The err...