2 matches found
GHSA-M449-CWJH-6PW7 pypdf's LZWDecode streams be manipulated to exhaust RAM
Impact An attacker who uses this vulnerability can craft a PDF which leads to a memory usage of up to 1 GB per stream. This requires parsing the content stream of a page using the LZWDecode filter. This is a follow up to GHSA-jfx9-29x2-rv3j to align the default limit with the one for zlib. Patche...
nss: Null_Cipher() does not respect maxOutputLen (MFSA 2013-103)
Mozilla Network Security Services NSS 3.14 before 3.14.5 and 3.15 before 3.15.3 allows remote attackers to cause a denial of service or possibly have unspecified other impact via invalid handshake packets...