3649 matches found
EUVD-2025-18937
Malicious code in bioql PyPI...
EUVD-2024-52391
Malicious code in bioql PyPI...
EUVD-2024-52826
Malicious code in bioql PyPI...
EUVD-2022-27194
Malicious code in bioql PyPI...
EUVD-2023-0904
Malicious code in bioql PyPI...
EUVD-2025-12752
Malicious code in bioql PyPI...
EUVD-2025-14786
Malicious code in bioql PyPI...
EUVD-2022-7486
Malicious code in bioql PyPI...
EUVD-2025-8093
Malicious code in bioql PyPI...
EUVD-2021-34655
Malicious code in bioql PyPI...
EUVD-2025-18585
Malicious code in bioql PyPI...
RLSA-2025:8047 Moderate: unbound security update
The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: unbound: Unbounded name compression could lead to Denial of Service CVE-2024-8508 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...
[SECURITY] Fedora 41 Update: rust-astral-tokio-tar-0.5.5-1.fc41
A Rust implementation of an async TAR file reader and writer. This library does not currently handle compression, but it is abstract over all I/O readers and writers. Additionally, great lengths are taken to ensure that the entire contents are never required to be entirely resident in memory all ...
[SECURITY] Fedora 42 Update: rust-astral-tokio-tar-0.5.5-1.fc42
A Rust implementation of an async TAR file reader and writer. This library does not currently handle compression, but it is abstract over all I/O readers and writers. Additionally, great lengths are taken to ensure that the entire contents are never required to be entirely resident in memory all ...
[SECURITY] Fedora 43 Update: rust-astral-tokio-tar-0.5.5-1.fc43
A Rust implementation of an async TAR file reader and writer. This library does not currently handle compression, but it is abstract over all I/O readers and writers. Additionally, great lengths are taken to ensure that the entire contents are never required to be entirely resident in memory all ...
jose4j: jose4j: Denial of Service via malicious JSON Web Encryption (JWE) token compression
A flaw was found in jose4j. A remote attacker can exploit this by crafting a malicious JSON Web Encryption JWE token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression. This...
netty-codec: netty-codec-compression: Netty's BrotliDecoder is vulnerable to DoS via zip bomb style attack
A flaw was found in Netty. With specially crafted input, BrotliDecoder and some other decompressing decoders will allocate a large number of reachable byte buffers, which can lead to denial of service...
CVE-2025-39924
In the Linux kernel, the following vulnerability has been resolved: erofs: fix invalid algorithm for encoded extents The current algorithm sanity checks do not properly apply to new encoded extents. Unify the algorithm check with ZEROFSCOMPRESSIONRUNTIMEMAX and ensure consistency with...
SUSE CVE-2025-39924
In the Linux kernel, the following vulnerability has been resolved: erofs: fix invalid algorithm for encoded extents The current algorithm sanity checks do not properly apply to new encoded extents. Unify the algorithm check with ZEROFSCOMPRESSIONRUNTIMEMAX and ensure consistency with...
CVE-2025-39924
In the Linux kernel, the following vulnerability has been resolved: erofs: fix invalid algorithm for encoded extents The current algorithm sanity checks do not properly apply to new encoded extents. Unify the algorithm check with ZEROFSCOMPRESSIONRUNTIMEMAX and ensure consistency with...