5 matches found
Allocation of Resources Without Limits or Throttling
Overview authlib is a library in building OAuth and OpenID Connect servers. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the extractsegment and extractheader processes. An unauthenticated attacker can exhaust system resources and...
SUSE CVE-2011-1910
Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x before 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service assertion failure and daemon exit via a negative response containing large RRSIG RRsets...
USN-5431-1 gnupg2 vulnerability
It was discovered that GnuPG was not properly processing keys with large amounts of signatures. An attacker could possibly use this issue to cause a denial of service...
GHSA-8GWC-X7MG-7P7P Apache XML Security For Java vulnerable to Infinite Loop
Affected versions of xmlsec are subject to a denial of service vulnerability. Should a user check the signature of a message larger than 512 MB, the method expandSizeint newPos of class org.apache.xml.security.utils.UnsyncByteArrayOutputStream goes in an endless loop. A remote attacker could use...
DEBIAN-CVE-2011-1910
Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x before 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service assertion failure and daemon exit via a negative response containing large RRSIG RRsets...