
3244 matches found

RedHat Linux
added 2026/05/07 5:25 a.m., 10 views

Important: Red Hat Security Advisory: python3.12 security update

An update for python3.12 is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available...

CVSS 9.1 | AI score 6.4 | EPSS 0.00517
Exploits 0 | References 3
RedHat Linux
added 2026/05/07 4:55 a.m., 7 views

python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules

A flaw was found in Python's decompression modules, including lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile. This vulnerability, a use-after-free, can occur if a program attempts to re-use a decompression object after a memory allocation error, especially when the system is...

CVSS 9.1 | AI score 6.3 | EPSS 0.00517
Exploits 0 | References 10
RedHat Linux
added 2026/05/07 4:51 a.m., 6 views

python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules

A flaw was found in Python's decompression modules, including lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile. This vulnerability, a use-after-free, can occur if a program attempts to re-use a decompression object after a memory allocation error, especially when the system is...

CVSS 9.1 | AI score 7.7 | EPSS 0.00517
Exploits 0 | References 10
OSV
added 2026/05/07 3:36 a.m., 2 views

GHSA-FRH3-6PV6-RC8J Bandit's unbounded WebSocket inflate causes BEAM OOM with a single frame

Summary: When a Bandit-fronted server has explicitly enabled WebSocket permessage-deflate (compress: true), an unauthenticated client can OOM the BEAM with a single 6 MiB WebSocket frame. Bandit's inflate step has no output-size cap, so a small high-ratio compressed frame (e.g. zeros, 1024:1 ratio...

CVSS 8.2 | AI score 5.9 | EPSS 0.00625
Exploits 0 | References 6
Github Security Blog
added 2026/05/07 3:36 a.m., 11 views

Bandit's unbounded WebSocket inflate causes BEAM OOM with a single frame

Summary: When a Bandit-fronted server has explicitly enabled WebSocket permessage-deflate (compress: true), an unauthenticated client can OOM the BEAM with a single 6 MiB WebSocket frame. Bandit's inflate step has no output-size cap, so a small high-ratio compressed frame (e.g. zeros, 1024:1 ratio...

CVSS 8.2 | AI score 5.9 | EPSS 0.00625
Exploits 0 | References 6 | Affected Software 1
Snyk
added 2026/05/07 12:46 a.m., 11 views

Improper Handling of Highly Compressed Data (Data Amplification)

Overview: Affected versions of this package are vulnerable to Improper Handling of Highly Compressed Data (Data Amplification) in the HttpContentDecompressor and DelegatingDecompressorFrameListener components when the Content-Encoding header is set to br, zstd, or snappy. An attacker can exhaust...

CVSS 8.7 | AI score 5.8 | EPSS 0.00545
Exploits 1 | References 2
OSV
added 2026/05/07 12:46 a.m., 8 views

GHSA-F6HV-JMP6-3VWV Netty: HttpContentDecompressor maxAllocation bypass when Content-Encoding set to br/zstd/snappy leads to decompression bomb DoS

Summary: HttpContentDecompressor accepts a maxAllocation parameter to limit decompression buffer size and prevent decompression bomb attacks. This limit is correctly enforced for gzip and deflate encodings via ZlibDecoder, but is silently ignored when the content encoding is br (Brotli), zstd, or...

CVSS 7.5 | AI score 5.9 | EPSS 0.00545
Exploits 1 | References 3
Github Security Blog
added 2026/05/07 12:46 a.m., 12 views

Netty: HttpContentDecompressor maxAllocation bypass when Content-Encoding set to br/zstd/snappy leads to decompression bomb DoS

Summary: HttpContentDecompressor accepts a maxAllocation parameter to limit decompression buffer size and prevent decompression bomb attacks. This limit is correctly enforced for gzip and deflate encodings via ZlibDecoder, but is silently ignored when the content encoding is br (Brotli), zstd, or...

CVSS 7.5 | AI score 5.9 | EPSS 0.00545
Exploits 1 | References 3 | Affected Software 2
Github Security Blog
added 2026/05/07 12:20 a.m., 7 views

Netty Lz4FrameDecoder is vulnerable to resource exhaustion

Summary: Lz4FrameDecoder allocates a ByteBuf of size decompressedLength (up to 32 MB per block) before LZ4 runs. A peer only needs a 21-byte header plus compressedLength payload bytes (22 bytes if compressedLength == 1) to force that allocation. Details...

CVSS 7.5 | AI score 5.8 | EPSS 0.00429
Exploits 1 | References 3 | Affected Software 2
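The Bandit, Netty HttpContentDecompressor and Lz4FrameDecoder entries above describe the same two defects from the decompressor's side: inflating with no cap on the output, and allocating for a peer-declared decompressed size before any data has been verified. The following is an added example, not code from Bandit, Netty or any project listed here. It shows both guards in Python's zlib: a streaming inflate that aborts the moment the output cap is crossed, tested against a constructed high-ratio frame of zeros, and a header check that refuses a declared length before allocating for it. The 8-byte block header used for the second guard is a constructed layout for the example and is not the real LZ4 frame format; the caps and chunk sizes are illustrative values.

```python
"""Decompression-bomb guards (added example; not Bandit, Netty or LZ4 code)."""
import struct
import zlib


class DecompressionBomb(ValueError):
    """Raised when inflated output (actual or declared) would exceed the cap."""


def inflate_bounded(data: bytes, max_out: int, piece: int = 64 * 1024) -> bytes:
    """Inflate a zlib stream while never holding more than max_out output bytes.

    zlib.decompressobj().decompress(data, max_length) returns at most `piece`
    bytes per call and parks the unprocessed input in .unconsumed_tail, so the
    memory held is bounded by the cap regardless of the compression ratio.
    """
    d = zlib.decompressobj()
    out = bytearray()
    pending = data
    while True:
        chunk = d.decompress(pending, piece)
        out += chunk
        if len(out) > max_out:
            raise DecompressionBomb(
                f"inflated output exceeded {max_out} bytes from {len(data)} input bytes")
        pending = d.unconsumed_tail
        # Done when the stream ended, or when input is exhausted and a call with
        # empty input (which drains any buffered match output) produced nothing.
        if d.eof or (not pending and not chunk):
            break
    if not d.eof:
        raise ValueError("truncated zlib stream")
    return bytes(out)


def make_bomb(inflated_size: int = 8 * 1024 * 1024) -> bytes:
    """Constructed bomb: a run of zeros deflates at roughly 1000:1."""
    return zlib.compress(b"\x00" * inflated_size, 9)


def bomb_is_rejected(max_out: int = 1024 * 1024) -> bool:
    """True when the constructed bomb trips the output cap instead of inflating."""
    try:
        inflate_bounded(make_bomb(), max_out)
    except DecompressionBomb:
        return True
    return False


def roundtrip(payload: bytes, max_out: int = 1024 * 1024) -> bytes:
    """Ordinary data well under the cap must still inflate to itself."""
    return inflate_bounded(zlib.compress(payload), max_out)


# Constructed block header for the example: <compressed_len><decompressed_len>,
# both little-endian uint32.  This is NOT the LZ4 frame format.
HEADER = struct.Struct("<II")


def read_block_header(frame: bytes, max_block: int) -> tuple[int, int]:
    """Parse the header and reject an oversized declared size *before* any
    buffer of that size exists.  The peer controls the declared value; only
    the bytes actually on the wire can be trusted."""
    if len(frame) < HEADER.size:
        raise ValueError("short header")
    compressed_len, decompressed_len = HEADER.unpack_from(frame)
    if decompressed_len > max_block:
        raise DecompressionBomb(f"declared {decompressed_len} bytes > cap {max_block}")
    if compressed_len > len(frame) - HEADER.size:
        raise ValueError("declared compressed length exceeds bytes present")
    return compressed_len, decompressed_len


def header_is_rejected(declared: int, max_block: int = 4 * 1024 * 1024) -> bool:
    """Header plus a single payload byte, the shape of a minimal trigger frame."""
    frame = HEADER.pack(1, declared) + b"\x00"
    try:
        read_block_header(frame, max_block)
    except DecompressionBomb:
        return True
    return False


if __name__ == "__main__":
    print("bomb rejected:", bomb_is_rejected())
    print("32 MiB declared rejected:", header_is_rejected(32 * 1024 * 1024))
    print("roundtrip ok:", roundtrip(b"hello" * 100) == b"hello" * 100)
```

The order of the checks matters: the declared-length test costs eight bytes of parsing and must run before any allocation, while the output cap is what protects against a frame whose header is honest but whose ratio is extreme. Per-piece streaming also keeps the attacker's cost symmetric with the defender's, since no more than `piece` bytes are produced per call.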
Tenable Nessus
added 2026/05/07 12:00 a.m., 8 views

RHEL 9 : python3.11 (RHSA-2026:14653)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:14653 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...

CVSS 9.1 | AI score 7.8 | EPSS 0.00517
Exploits 0 | References 6
Tenable Nessus
added 2026/05/07 12:00 a.m., 4 views

MiracleLinux 8 : python3-3.6.8-76.el8_10.ML.1 (AXSA:2026-547:06)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-547:06 advisory. python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules (CVE-2026-6100); python: cpython: Python:...

CVSS 9.1 | AI score 6.2 | EPSS 0.00517
Exploits 0 | References 3
Tenable Nessus
added 2026/05/07 12:00 a.m., 4 views

RHEL 9 : python3.11 (RHSA-2026:14652)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:14652 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...

CVSS 9.1 | AI score 6.2 | EPSS 0.00517
Exploits 0 | References 6
Positive Technologies
added 2026/05/07 12:00 a.m., 21 views

PT-2026-38379

Name of the Vulnerable Software and Affected Versions: Netty versions prior to 4.1.133.Final; Netty versions prior to 4.2.13.Final. Description: HttpContentDecompressor and DelegatingDecompressorFrameListener (used for HTTP/2 connections) utilize a maxAllocation parameter to limit decompression buffer...

CVSS 7.5 | AI score 5.9 | EPSS 0.00545
Exploits 1 | References 335
OSV
added 2026/05/06 8:53 p.m., 1 view

GHSA-PGGP-6C3X-2XMX Snappier has an infinite loop during SnappyStream decompression with malformed framed input

Summary: Snappier.SnappyStream enters an uncatchable infinite loop when decompressing a malformed framed-format Snappy stream as small as 15 bytes. Details: The hang manifests as a userspace busy loop with SnappyStreamDecompressor.Decompress repeatedly calling Crc32CAlgorithm.Append. The exact...

CVSS 7.5 | AI score 5.8 | EPSS 0.00263
Exploits 0 | References 3
Snyk
added 2026/05/06 8:53 p.m., 6 views

Infinite loop

Overview: Affected versions of this package are vulnerable to Infinite loop in the SnappyStreamDecompressor class, when decompressing malformed framed-format input. An attacker can cause the application to exhaust system resources by providing malicious stream data as small as 15 bytes. PoC using...

CVSS 8.7 | AI score 5.8 | EPSS 0.00263
Exploits 0 | References 2
Github Security Blog
added 2026/05/06 8:53 p.m., 11 views

Snappier has an infinite loop during SnappyStream decompression with malformed framed input

Summary: Snappier.SnappyStream enters an uncatchable infinite loop when decompressing a malformed framed-format Snappy stream as small as 15 bytes. Details: The hang manifests as a userspace busy loop with SnappyStreamDecompressor.Decompress repeatedly calling Crc32CAlgorithm.Append. The exact...

CVSS 7.5 | AI score 5.8 | EPSS 0.00263
Exploits 0 | References 3 | Affected Software 1
GithubExploit
added 2026/05/06 2:59 p.m., 77 views

avro-oom-compression-poc

Avro Decompression Bomb PoC (CWE-409). Proof of concept demons...

AI score 5.8
Exploits 0
CNNVD
added 2026/05/06 12:00 a.m., 9 views

openmrs-core path traversal vulnerability

OpenMRS-core is an open-source electronic health record system developed by OpenMRS. Versions of OpenMRS-core prior to 2.7.8, as well as versions 2.8.0 to 2.8.5, have a path traversal vulnerability. This vulnerability stems from the module upload endpoint's automatic decompression of .omod archiv...

CVSS 9.4 | AI score 6 | EPSS 0.00853
Exploits 1 | References 2
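The OpenMRS entry is the other classic decompression failure: the archive is unpacked with entry names taken as-is, so a member called `../../x` is written outside the module directory. The following is an added example, not OpenMRS code, of extracting an uploaded archive without letting any entry escape the destination. It assumes the uploaded module is a zip container (the archive here is constructed in memory) and that a throwaway temporary directory stands in for the module directory; entry names, contents and the `.omod`-style prefix are illustrative.

```python
"""Traversal-safe archive extraction (added example; not OpenMRS code)."""
import io
import pathlib
import tempfile
import zipfile


class UnsafeArchiveEntry(ValueError):
    """Raised for an entry whose resolved path would land outside the target."""


def safe_member_path(dest: pathlib.Path, name: str) -> pathlib.Path:
    """Map an archive entry name to a path under dest, or raise.

    Checks, in order: absolute names and drive prefixes, '..' segments, and
    finally that the resolved path (following any symlinks already present)
    is still inside dest.  The last check is the one that cannot be fooled by
    encoding tricks, because it operates on the path the OS would actually use.
    """
    pure = pathlib.PurePosixPath(name.replace("\\", "/"))
    if pure.is_absolute() or (pure.parts and ":" in pure.parts[0]):
        raise UnsafeArchiveEntry(f"absolute entry name: {name!r}")
    if ".." in pure.parts:
        raise UnsafeArchiveEntry(f"parent-directory segment in {name!r}")
    root = dest.resolve()
    target = (root / pathlib.Path(*pure.parts)).resolve()
    if target != root and root not in target.parents:
        raise UnsafeArchiveEntry(f"{name!r} resolves outside {root}")
    return target


def safe_extract(archive: zipfile.ZipFile, dest: str) -> list[str]:
    """Extract every member of archive into dest, refusing any that escapes it.

    Every entry is validated before anything is written, so a single bad
    member does not leave a half-extracted module behind.  Members are copied
    through archive.open() rather than ZipFile.extract() so the path decision
    above is the only one that applies.
    """
    root = pathlib.Path(dest)
    plan = [(info, safe_member_path(root, info.filename)) for info in archive.infolist()]
    written = []
    for info, target in plan:
        if info.is_dir():
            target.mkdir(parents=True, exist_ok=True)
            continue
        target.parent.mkdir(parents=True, exist_ok=True)
        with archive.open(info) as src, open(target, "wb") as dst:
            dst.write(src.read())
        written.append(target.relative_to(root.resolve()).as_posix())
    return written


def build_archive(entries: dict) -> zipfile.ZipFile:
    """Constructed in-memory zip; writestr() keeps entry names verbatim,
    '..' included, which is exactly what a malicious upload relies on."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in entries.items():
            zf.writestr(name, data)
    buf.seek(0)
    return zipfile.ZipFile(buf)


# Constructed sample modules: one well-formed, one carrying a traversal entry.
BENIGN = {"config.xml": b"<module/>", "lib/a.jar": b"PK"}
TRAVERSAL = {"config.xml": b"<module/>", "../../../tmp/pwned.txt": b"owned"}


def extraction_result(entries: dict) -> tuple:
    """Return (accepted, files_written) for a constructed archive."""
    dest = tempfile.mkdtemp(prefix="omod-")
    try:
        return True, safe_extract(build_archive(entries), dest)
    except UnsafeArchiveEntry:
        return False, []


if __name__ == "__main__":
    print("benign:", extraction_result(BENIGN))
    print("traversal:", extraction_result(TRAVERSAL))
```

Note that `ZipFile.extract()` and `extractall()` do sanitise names in current CPython, but a server that reads members itself, or hands the stream to a different archive library, inherits no such protection; the resolve-and-compare check is the portable form of the guard.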
Positive Technologies
added 2026/05/06 12:00 a.m., 10 views

PT-2026-38299

Name of the Vulnerable Software and Affected Versions: Snappier (affected versions not specified). Description: A denial of service issue exists where Snappier.SnappyStream enters an uncatchable infinite loop when decompressing a malformed framed-format Snappy stream. This occurs when the...

CVSS 7.5 | AI score 5.8 | EPSS 0.00263
Exploits 0 | References 7
Snyk
added 2026/05/05 9:12 p.m., 8 views

Inefficient Algorithmic Complexity

Overview: Twisted is an event-based network programming and multi-protocol integration framework. Affected versions of this package are vulnerable to Inefficient Algorithmic Complexity through the decode function in the DNS name decompression process. An attacker can cause the server to hang and...

CVSS 8.7 | AI score 5.8 | EPSS 0.00433
Exploits 1 | References 2
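DNS name "decompression" is a different beast from the byte-stream bombs above: the input is tiny, and the cost comes from following RFC 1035 compression pointers, which a hostile message can chain or loop. The following is an added example, not Twisted code, and it does not reproduce Twisted's specific defect; it shows the invariants that keep name decoding loop-free and linear: each pointer must target an offset strictly before the segment currently being read, the number of pointer hops is capped, and the assembled name may not exceed 255 octets. The messages, the hop limit of 16 and the offsets used below are constructed for the example.

```python
"""Bounded DNS name decoder (added example; not Twisted code)."""

MAX_NAME_OCTETS = 255     # RFC 1035 limit on an uncompressed name
MAX_POINTER_HOPS = 16     # assumption for the example; real resolvers pick their own


def decode_name(msg: bytes, offset: int) -> tuple:
    """Return (dotted name, offset just past the name as it appears at offset).

    Raises ValueError on truncation, reserved label types, oversize names,
    too many pointer hops, or a pointer that does not move strictly backwards
    (the shape that loops and pointer-to-pointer chains take).
    """
    labels = []
    octets = 0                 # size of the name being assembled
    hops = 0
    pos = offset
    segment_start = offset     # where the segment currently being read began
    end = None                 # fixed when the first pointer (or the root) is met
    while True:
        if pos >= len(msg):
            raise ValueError("name runs past end of message")
        length = msg[pos]
        kind = length & 0xC0
        if kind == 0xC0:                                  # compression pointer
            if pos + 1 >= len(msg):
                raise ValueError("truncated pointer")
            target = ((length & 0x3F) << 8) | msg[pos + 1]
            if end is None:
                end = pos + 2
            if target >= segment_start:
                raise ValueError(f"pointer at {pos} does not move backwards (-> {target})")
            hops += 1
            if hops > MAX_POINTER_HOPS:
                raise ValueError("too many compression pointers")
            segment_start = pos = target
            continue
        if kind:                                          # 0x40 and 0x80 are reserved
            raise ValueError(f"reserved label type at {pos}")
        if length == 0:                                   # root label ends the name
            if end is None:
                end = pos + 1
            return ".".join(labels) or ".", end
        label = msg[pos + 1:pos + 1 + length]
        if len(label) != length:
            raise ValueError("truncated label")
        octets += length + 1
        if octets > MAX_NAME_OCTETS:
            raise ValueError("name longer than 255 octets")
        labels.append(label.decode("ascii"))
        pos += 1 + length


def build_messages() -> dict:
    """Constructed messages: a valid name with one pointer, a self-referencing
    loop, and a pointer-to-pointer chain that resolves but costs 40 hops."""
    base = b"\x07example\x03com\x00"        # offsets 0..12: example.com
    www = b"\x03www\xc0\x00"                # offsets 13..18: www + pointer -> 0
    loop = b"\x03abc\xc0\x13"               # offsets 19..24: abc + pointer -> 19 (itself)
    chain = b""
    for i in range(40):                     # pointer i sits at 13 + 2*i
        target = 0 if i == 0 else 13 + 2 * (i - 1)
        chain += bytes([0xC0 | (target >> 8), target & 0xFF])
    return {"good": base + www, "loop": base + www + loop, "chain": base + chain}


MESSAGES = build_messages()
CHAIN_LAST_POINTER = 13 + 2 * 39            # offset of the final pointer in "chain"


def rejected(msg: bytes, offset: int) -> bool:
    """True when decode_name refuses the name at offset."""
    try:
        decode_name(msg, offset)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    print(decode_name(MESSAGES["good"], 13))
    print("loop rejected:", rejected(MESSAGES["loop"], 19))
    print("40-hop chain rejected:", rejected(MESSAGES["chain"], CHAIN_LAST_POINTER))
```

The strictly-backwards rule alone guarantees termination, since `segment_start` decreases on every hop, but it still allows a chain of pointers that each contribute nothing and cost a hop; the hop cap is what bounds the work per name to a small constant, which is the property an algorithmic-complexity finding is about.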