Lucene search
K

94 matches found

Github Security Blog
Github Security Blog
added 2025/12/05 6:19 p.m.6 views

Sigstore Timestamp Authority allocates excessive memory during request parsing

Impact Excessive memory allocation Function api.ParseJSONRequest currently splits via a call to strings.Split an optionally-provided OID which is untrusted data on periods. Similarly, function api.getContentType splits the Content-Type header which is also untrusted data on an application string...

7.5CVSS6.9AI score0.00411EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2025/12/05 5:49 p.m.7 views

CLSA-2025-1764956967 expat: Fix of CVE-2025-59375

CVE-2025-59375: fix memory amplification and add allocation tracker...

7.5CVSS6.8AI score0.01279EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2025/12/04 11:12 p.m.2 views

firefox: thunderbird: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing

A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input 250 KiB can cause the parser to allocate hundreds of megabytes, leading to denial-of-service DoS through memory exhaustion...

7.5CVSS6.3AI score0.01279EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2025/11/26 11:7 a.m.2 views

firefox: thunderbird: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing

A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input 250 KiB can cause the parser to allocate hundreds of megabytes, leading to denial-of-service DoS through memory exhaustion...

7.5CVSS6.3AI score0.01279EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2025/11/25 8:3 a.m.4 views

firefox: thunderbird: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing

A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input 250 KiB can cause the parser to allocate hundreds of megabytes, leading to denial-of-service DoS through memory exhaustion...

7.5CVSS6.3AI score0.01279EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2025/11/25 7:36 a.m.2 views

firefox: thunderbird: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing

A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input 250 KiB can cause the parser to allocate hundreds of megabytes, leading to denial-of-service DoS through memory exhaustion...

7.5CVSS6.3AI score0.01279EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2025/11/25 7:17 a.m.2 views

firefox: thunderbird: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing

A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input 250 KiB can cause the parser to allocate hundreds of megabytes, leading to denial-of-service DoS through memory exhaustion...

7.5CVSS6.3AI score0.01279EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2025/11/24 4:17 p.m.2 views

firefox: thunderbird: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing

A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input 250 KiB can cause the parser to allocate hundreds of megabytes, leading to denial-of-service DoS through memory exhaustion...

7.5CVSS6.3AI score0.01279EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2025/11/19 10:11 p.m.2 views

firefox: thunderbird: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing

A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input 250 KiB can cause the parser to allocate hundreds of megabytes, leading to denial-of-service DoS through memory exhaustion...

7.5CVSS6.3AI score0.01279EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2025/11/19 8:10 p.m.3 views

firefox: thunderbird: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing

A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input 250 KiB can cause the parser to allocate hundreds of megabytes, leading to denial-of-service DoS through memory exhaustion...

7.5CVSS6.3AI score0.01279EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2025/11/11 7:57 p.m.5 views

firefox: thunderbird: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing

A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input 250 KiB can cause the parser to allocate hundreds of megabytes, leading to denial-of-service DoS through memory exhaustion...

7.5CVSS6.3AI score0.01279EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2025/11/03 2:0 a.m.4 views

firefox: thunderbird: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing

A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input 250 KiB can cause the parser to allocate hundreds of megabytes, leading to denial-of-service DoS through memory exhaustion...

7.5CVSS6.3AI score0.01279EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2025/10/27 5:46 p.m.2 views

firefox: thunderbird: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing

A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input 250 KiB can cause the parser to allocate hundreds of megabytes, leading to denial-of-service DoS through memory exhaustion...

7.5CVSS6.3AI score0.01279EPSS
Exploits1References6
SUSE Linux
SUSE Linux
added 2025/10/22 12:12 p.m.3 views

Security update for expat

This update for expat fixes the following issues: CVE-2025-59375: memory amplification vulnerability allows attackers to trigger excessive dynamic memory allocations by submitting crafted XML input bsc1249584. Patch Instructions: To install this SUSE update use the SUSE recommended installation...

8.2CVSS7AI score0.01279EPSS
Exploits1References4
SUSE Linux
SUSE Linux
added 2025/10/22 12:12 p.m.2 views

Security update for expat

This update for expat fixes the following issues: CVE-2025-59375: memory amplification vulnerability allows attackers to trigger excessive dynamic memory allocations by submitting crafted XML input bsc1249584. Patch Instructions: To install this SUSE update use the SUSE recommended installation...

8.2CVSS7AI score0.01279EPSS
Exploits1References4
OSV
OSV
added 2025/10/22 12:11 p.m.4 views

SUSE-SU-2025:20895-1 Security update for expat

This update for expat fixes the following issues: - CVE-2025-59375: memory amplification vulnerability allows attackers to trigger excessive dynamic memory allocations by submitting crafted XML input bsc1249584...

7.5CVSS6.3AI score0.01279EPSS
Exploits1References3
OSV
OSV
added 2025/10/22 12:0 p.m.4 views

SUSE-SU-2025:20868-1 Security update for expat

This update for expat fixes the following issues: - CVE-2025-59375: memory amplification vulnerability allows attackers to trigger excessive dynamic memory allocations by submitting crafted XML input bsc1249584...

7.5CVSS6.3AI score0.01279EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2025/10/20 12:0 a.m.4 views

SUSE: Security Advisory (SUSE-SU-2025:03624-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.8AI score0.01279EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2025/10/20 12:0 a.m.2 views

openSUSE Security Advisory (SUSE-SU-2025:03624-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.8AI score0.01279EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/10/18 12:0 a.m.2 views

SUSE SLED15: expat / libexpat-devel / libexpat-devel-32bit / libexpat1 / etc (SUSE-SU-2025:03624-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:03624-1 advisory. - CVE-2025-59375: memory amplification vulnerability allows attackers to trigger excessive dynamic memor...

7.5CVSS6.4AI score0.01279EPSS
Exploits1References4
Rows per page
Query Builder