Lucene search
+L

6 matches found

SUSE CVE
SUSE CVE
added 2026/07/07 3:13 p.m.14 views

SUSE CVE-2026-54059

Pillow is a Python imaging library. Prior to 12.3.0, PIL/PcfFontFile.py loadbitmaps read glyph dimensions from the PCF METRICS section and passed them directly to Image.frombytes without calling Image.decompressionbombcheck, allowing crafted PCF font data to cause excessive memory allocation. Thi...

7.5CVSS6AI score0.00354EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/07/06 6:46 p.m.6 views

CVE-2026-54059

Pillow is a Python imaging library. Prior to 12.3.0, PIL/PcfFontFile.py loadbitmaps read glyph dimensions from the PCF METRICS section and passed them directly to Image.frombytes without calling Image.decompressionbombcheck, allowing crafted PCF font data to cause excessive memory allocation. Thi...

7.5CVSS6AI score0.00354EPSS
Exploits1References4Affected Software1
EUVD
EUVD
added 2026/05/04 5:0 a.m.10 views

EUVD-2026-26914

A vulnerability has been found in osrg GoBGP up to 4.3.0. This impacts the function SRv6L3ServiceAttribute.DecodeFromBytes of the file pkg/packet/bgp/prefixsid.go of the component SRv6 L3 Service. Such manipulation of the argument data leads to denial of service. The attack may be performed from...

6.9CVSS5.6AI score0.00464EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2023/02/10 7:52 p.m.36 views

IPFS go-bitfield vulnerable to DoS via malformed size arguments

Impact When feeding untrusted user input into the size parameter of NewBitfield and FromBytes functions, an attacker can trigger panics. This happen when the size is a not a multiple of 8 or is negative. There were already a note in the NewBitfield documentation: Panics if size is not a multiple ...

7.5CVSS7.3AI score0.0091EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2023/02/09 8:54 p.m.28 views

CVE-2023-23626 Denial of service when feeding malformed size arguments in go-bitfield

go-bitfield is a simple bitfield package for the go language aiming to be more performant that the standard library. When feeding untrusted user input into the size parameter of NewBitfield and FromBytes functions, an attacker can trigger panics. This happen when the size is a not a multiple of 8...

5.9CVSS7.4AI score0.0091EPSS
Exploits1References4
CNNVD
CNNVD
added 2023/02/09 12:0 a.m.7 views

go-bitfield 代码问题漏洞

go-bitfield is a simple bitfield package from IPFS Open Source. A code issue vulnerability exists in versions prior to go-bitfield v1.1.0 that stems from an attacker being able to trigger a panic when entering untrusted users into the parameters of the NewBitfield and FromBytes functions...

7.5CVSS7.3AI score0.0091EPSS
Exploits1References4
Rows per page
Query Builder