201 matches found

Positive Technologies
added 2025/10/13 12:0 a.m., 2 views

PT-2025-41808

Name of the Vulnerable Software and Affected Versions: Mastodon versions prior to 4.4.6; Mastodon versions prior to 4.3.14; Mastodon versions prior to 4.2.27. Description: Mastodon is a free, open-source social network server based on ActivityPub. Prior to versions 4.4.6, 4.3.14, and 4.2.27, disabling...

CVSS 4.3 | AI score 6.5 | EPSS 0.00059
Exploits: 0 | References: 5

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2020-0057

Malware in sbrugna...

CVSS 6.5 | AI score 7 | EPSS 0.0031
Exploits: 0 | References: 42

NVD
added 2025/10/01 12:15 p.m., 4 views

CVE-2023-53497

In the Linux kernel, the following vulnerability has been resolved: media: vsp1: Replace vb2_is_streaming with vb2_start_streaming_called. The vsp1 driver uses the vb2_is_streaming function in its .buf_queue handler to check if the .start_streaming operation has been called, and decide whether to just add...

CVSS 5.5 | EPSS 0.00013
Exploits: 0 | References: 3

OSV
added 2025/09/04 5:48 p.m., 2 views

BIT-POWERSHELL-2020-8927 Buffer overflow in Brotli library

A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to update your Brotli...

CVSS 9.8 | AI score 7.3 | EPSS 0.0054
Exploits: 0 | References: 15

RedhatCVE
added 2025/06/01 1:46 a.m., 5 views

CVE-2020-36846

A buffer overflow, as described in CVE-2020-8927, exists in the embedded Brotli library. Versions of IO::Compress::Brotli prior to 0.007 included a version of the brotli library prior to version 1.0.8, where an attacker controlling the input length of a "one-shot" decompression request to a scrip...

CVSS 9.8 | AI score 7.1 | EPSS 0.0054
Exploits: 0 | References: 1

Positive Technologies
added 2025/01/01 12:0 a.m., 2 views

PT-2025-49261

Name of the Vulnerable Software and Affected Versions: urllib3 versions 1.0 through 2.5.16. Description: urllib3 is a Python HTTP client library. Versions prior to 2.6.0 have an issue in the Streaming API where it improperly handles highly compressed data. The decompression logic can cause excessive...

CVSS 8.9 | AI score 6.5 | EPSS 0.00017
Exploits: 0 | References: 154

OpenVAS
added 2024/03/08 12:0 a.m., 13 views

Fedora: Security Advisory for jackson-core (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the...

CVSS 8.8 | AI score 9.2 | EPSS 0.45835
Exploits: 3 | References: 2

Fedora
added 2024/03/07 10:33 p.m., 20 views

[SECURITY] Fedora 40 Update: jackson-core-2.16.1-4.fc40

Core part of Jackson that defines Streaming API as well as basic shared abstractions...

CVSS 8.8 | AI score 6.9 | EPSS 0.45835
Exploits: 3

OSV
added 2024/03/06 11:0 a.m., 27 views

BIT-DOTNET-2020-8927 Buffer overflow in Brotli library

A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to update your Brotli...

CVSS 9.8 | AI score 7.1 | EPSS 0.0054
Exploits: 0 | References: 15

OSV
added 2024/03/06 10:50 a.m., 12 views

BIT-BROTLI-2020-8927 Buffer overflow in Brotli library

A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to update your Brotli...

CVSS 9.8 | AI score 7.1 | EPSS 0.0054
Exploits: 0 | References: 15

Qualys Blog
added 2023/10/31 10:58 a.m., 39 views

Qualys API Best Practices: Policy Compliance – Posture Streaming (PCRS) API

This API Best Practices Series is designed for Qualys customer programmers or stakeholders with a general knowledge of programming who want to implement best practices for improving the development, design, and performance of their programs that use the Qualys API. For non-customers, the Qualys A...

AI score 7.2
Exploits: 0

SUSE CVE
added 2023/02/15 4:1 a.m., 2 views

SUSE CVE-2020-8927

A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to update your Brotli...

CVSS 5.3 | AI score 7.3 | EPSS 0.0031
Exploits: 0 | References: 13

OSV
added 2022/05/24 5:28 p.m., 1 views

GHSA-5V8V-66V8-MWM7 Integer overflow in the bundled Brotli C library

A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to update your Brotli...

CVSS 6.9 | AI score 7.2 | EPSS 0.0054
Exploits: 0 | References: 23

Github Security Blog
added 2022/05/24 5:28 p.m., 44 views

Integer overflow in the bundled Brotli C library

A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to update your Brotli...

CVSS 6.5 | AI score 7.2 | EPSS 0.0031
Exploits: 0 | References: 23 | Affected Software: 100

OSV
added 2021/12/20 12:0 p.m., 35 views

RUSTSEC-2021-0132 Integer overflow in the bundled Brotli C library

A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. If one cannot update the C library, its...

CVSS 9.8 | AI score 7.1 | EPSS 0.0054
Exploits: 0 | References: 3

RustSec
added 2021/12/20 12:0 p.m., 30 views

Integer overflow in the bundled Brotli C library

A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. If one cannot update the C library, its...

AI score 3.3
Exploits: 0 | Affected Software: 1

Github Security Blog
added 2021/06/01 9:17 p.m., 44 views

Improper Verification of Cryptographic Signature in aws-encryption-sdk

Impact: This advisory addresses several LOW severity issues with streaming signed messages and restricting processing of certain types of invalid messages. This ESDK supports a streaming mode where callers may stream the plaintext of signed messages before the ECDSA signature is validated. In...

AI score 0.5
Exploits: 0 | References: 2 | Affected Software: 1

Tenable Nessus
added 2021/05/26 12:0 a.m., 50 views

Oracle Linux 8 : brotli (ELSA-2021-1702)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-1702 advisory. 1.0.6-3 - Resolves: CVE-2020-8927 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has n...

CVSS 6.5 | AI score 7 | EPSS 0.0031
Exploits: 0 | References: 2

Tenable Nessus
added 2020/12/14 12:0 a.m., 24 views

EulerOS 2.0 SP8 : brotli (EulerOS-SA-2020-2508)

According to the version of the brotli package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a 'one-shot' decompression...

CVSS 6.5 | AI score 7.3 | EPSS 0.0031
Exploits: 0 | References: 2

RedhatCVE
added 2020/09/15 6:0 p.m., 35 views

CVE-2020-8927

A buffer overflow flaw was found in the Brotli library where an attacker could control the input length of a "one-shot" decompression request to a script that can trigger a crash. This issue can happen when copying chunks of data larger than 2 GiB. Mitigation: This flaw can be mitigated by using...

CVSS 6.5 | AI score 1.6 | EPSS 0.0031
Exploits: 0 | References: 3