ch.mobi.mobitor.plugins:mobitor-plugin-bitbucket (>=3.1.305 <=3.1.313), ch.mobi.mobitor.plugins:mobitor-plugin-dwh (>=3.1.305 <=3.1.313) +71 more potentially affected by CVE-2025-29908 via io.netty.incubator:netty-incubator-codec-quic (=0.0.20.Final)

io.netty.incubator:netty-incubator-codec-quic MAVEN version =0.0.20.Final is affected by a known vulnerability. The following packages have a transitive dependency on io.netty.incubator:netty-incubator-codec-quic and may be impacted: - ch.mobi.mobitor.plugins:mobitor-plugin-bitbucket =3.1.305,...

Inefficient Algorithmic Complexity

Overview Affected versions of this package are vulnerable to Inefficient Algorithmic Complexity through the codec process. An attacker can cause a considerable CPU load on the server by initiating connections with colliding Source Connection IDs SCIDs. Remediation Upgrade...

CVE-2025-29908

Netty QUIC codec is a QUIC codec for netty which makes use of quiche. An issue was discovered in the codec. A hash collision vulnerability in the hash map used to manage connections allows remote attackers to cause a considerable CPU load on the server a Hash DoS attack by initiating connections...

CVE-2025-29908

CVE-2025-29908 affects the Netty QUIC codec (netty-incubator-codec-quic) which uses quiche. The issue is a hash collision in the hash map that manages connections, allowing a remote attacker to induce a Hash DoS by initiating connections with colliding Source Connection IDs (SCIDs), causing consi...

CVE-2025-29908 Netty QUIC hash collision DoS attack

Netty QUIC codec is a QUIC codec for netty which makes use of quiche. An issue was discovered in the codec. A hash collision vulnerability in the hash map used to manage connections allows remote attackers to cause a considerable CPU load on the server a Hash DoS attack by initiating connections...

CVE-2025-29908 Netty QUIC hash collision DoS attack

Netty QUIC codec is a QUIC codec for netty which makes use of quiche. An issue was discovered in the codec. A hash collision vulnerability in the hash map used to manage connections allows remote attackers to cause a considerable CPU load on the server a Hash DoS attack by initiating connections...

USN-7397-1: AOM vulnerability

Xiantong Hou discovered that AOM did not properly handle certain malformed media files. If an application using AOM opened a specially crafted file, a remote attacker could cause a denial of service, or possibly execute arbitrary code...

[SECURITY] Fedora 40 Update: ffmpeg-6.1.2-2.fc40

FFmpeg is a leading multimedia framework, able to decode, encode, transcode, mux, demux, stream, filter and play pretty much anything that humans and machines have created. It supports the most obscure ancient formats up to the cutting edge. No matter if they were designed by some standards...

RLSA-2024:9827 Moderate: libvpx security update

The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format. Security Fixes: libvpx: Integer overflow in vpximgalloc CVE-2024-5197 For more details about the security issues, including the...

[SECURITY] Fedora 42 Update: ffmpeg-7.1.1-1.fc42

FFmpeg is a leading multimedia framework, able to decode, encode, transcode, mux, demux, stream, filter and play pretty much anything that humans and machines have created. It supports the most obscure ancient formats up to the cutting edge. No matter if they were designed by some standards...

PT-2025-22202

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A potential memory leak has been identified in the Linux kernel, specifically in the wcd937x soc codec probe function. This issue arises when snd soc dapm new controls or snd soc dapm ad...

[SECURITY] Fedora 41 Update: ffmpeg-7.1.1-1.fc41

FFmpeg is a leading multimedia framework, able to decode, encode, transcode, mux, demux, stream, filter and play pretty much anything that humans and machines have created. It supports the most obscure ancient formats up to the cutting edge. No matter if they were designed by some standards...

Linux Distros Unpatched Vulnerability : CVE-2022-49515

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ASoC: cs35l41: Fix an out-of-bounds access in otppackedelementt The CS35L41NUMOTPELEM is 100...

Linux Distros Unpatched Vulnerability : CVE-2023-52518

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcicodec: Fix leaking content of localcodecs The following memory leak can be...

Linux Distros Unpatched Vulnerability : CVE-2023-52736

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ALSA: hda: Do not unset preset when cleaning up codec Several functions that take part in codec's initialization and removal are re-used by ASoC codec drivers...

Linux Distros Unpatched Vulnerability : CVE-2022-49496

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: mediatek: vcodec: prevent kernel crash when rmmod mtk-vcodec-dec.ko If the driver support subdev mode, the parameter dev-pm.dev will be NULL in...

Linux Distros Unpatched Vulnerability : CVE-2022-49616

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ASoC: rt7-sdw: harden jackdetecthandler Realtek headset codec drivers typically check if the card is instantiated before proceeding with the jack detection. The...

PT-2025-18411

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved, specifically in the media: venus: hfi parser component. The issue arises when the init codecs function is invoked multiple times...

CVE-2021-47650

In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-compress: prevent the potentially use of null pointer There is one call trace that sndsocregistercard -sndsocbindcard-socinitpcmruntime -sndsocdaicompressnew-sndsocnewcompress. In the trace the 'codecdai' transfers from...

SUSE CVE-2021-47650

In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-compress: prevent the potentially use of null pointer There is one call trace that sndsocregistercard -sndsocbindcard-socinitpcmruntime -sndsocdaicompressnew-sndsocnewcompress. In the trace the 'codecdai' transfers from...