
3660 matches found

Cvelist
added 2025/12/17 12:0 a.m. | 25 views

CVE-2024-29371

In jose4j before 0.9.6, an attacker can cause a Denial-of-Service (DoS) condition by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during...

0.00244 EPSS
Exploits: 1 | References: 1
ATTACKERKB
added 2025/12/17 12:0 a.m. | 1 view

CVE-2024-29371

In jose4j before 0.9.6, an attacker can cause a Denial-of-Service (DoS) condition by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during...

7.5 CVSS | 5.9 AI score | 0.00244 EPSS
Exploits: 1 | References: 2
CNNVD
added 2025/12/17 12:0 a.m. | 4 views

jose4j security vulnerability

jose4j is a powerful and easy-to-use open source implementation of the JSON Web Token (JWT) and the JOSE suite of specifications (JWS, JWE, and JWK) from Bitbucket Open Source. A security vulnerability exists in jose4j versions prior to 0.9.5, which stems from an attacker being able to construct...

7.5 CVSS | 6.2 AI score | 0.00244 EPSS
Exploits: 1 | References: 3
Vulnrichment
added 2025/12/17 12:0 a.m. | 2 views

CVE-2024-29371

In jose4j before 0.9.6, an attacker can cause a Denial-of-Service (DoS) condition by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during...

5.3 AI score | 0.00244 EPSS
Exploits: 1 | References: 1
CVE
added 2025/12/17 12:0 a.m. | 41 views

CVE-2024-29371

CVE-2024-29371 affects jose4j via DoS caused by processing a JWE with an extremely high compression ratio. IBM Operations Analytics - Log Analysis (versions 1.3.7.0–1.3.7.2 and 1.3.8.0–1.3.8.1) is listed as affected; remediation is to upgrade to 1.3.8 Fix Pack 2 (or later) per IBM’s advisory. The...

7.5 CVSS | 5.3 AI score | 0.00244 EPSS
Exploits: 1 | References: 1 | Affected Software: 1
Debian CVE
added 2025/12/17 12:0 a.m. | 4 views

CVE-2024-29371

In jose4j before 0.9.6, an attacker can cause a Denial-of-Service (DoS) condition by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during...

7.5 CVSS | 7.6 AI score | 0.00244 EPSS
Exploits: 1
OSV
added 2025/12/16 4:27 p.m. | 3 views

CLSA-2025-1765902454 unbound: Fix of CVE-2024-8508

CVE-2024-8508: limit number of name compression calculations per packet to prevent denial of service attacks...

5.3 CVSS | 5.8 AI score | 0.00806 EPSS
Exploits: 0 | References: 1
OSV
added 2025/12/16 4:12 p.m. | 3 views

CLSA-2025-1765901537 unbound: Fix of CVE-2024-8508

CVE-2024-8508: limit number of name compression calculations per packet to prevent denial of service attacks...

5.3 CVSS | 6.8 AI score | 0.00806 EPSS
Exploits: 0 | References: 1
EUVD
added 2025/12/16 3:30 p.m. | 2 views

EUVD-2025-203712

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Disable AFBC support on Mediatek DRM driver Commit c410fa9b07c3 "drm/mediatek: Add AFBC support to Mediatek DRM driver" added AFBC support to Mediatek DRM and enabled the 32x8/split/sparse modifier. However, this is...

6 AI score | 0.00168 EPSS
Exploits: 0 | References: 5
NVD
added 2025/12/16 2:15 p.m. | 2 views

CVE-2025-68184

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Disable AFBC support on Mediatek DRM driver Commit c410fa9b07c3 "drm/mediatek: Add AFBC support to Mediatek DRM driver" added AFBC support to Mediatek DRM and enabled the 32x8/split/sparse modifier. However, this is...

0.00168 EPSS
Exploits: 0 | References: 4
UbuntuCve
added 2025/12/16 2:15 p.m. | 1 view

CVE-2025-68184

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Disable AFBC support on Mediatek DRM driver Commit c410fa9b07c3 "drm/mediatek: Add AFBC support to Mediatek DRM driver" added AFBC support to Mediatek DRM and enabled the 32x8/split/sparse modifier. However, this is...

5.7 AI score | 0.00168 EPSS
Exploits: 0 | References: 21
Cvelist
added 2025/12/16 1:43 p.m. | 25 views

CVE-2025-68184 drm/mediatek: Disable AFBC support on Mediatek DRM driver

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Disable AFBC support on Mediatek DRM driver Commit c410fa9b07c3 "drm/mediatek: Add AFBC support to Mediatek DRM driver" added AFBC support to Mediatek DRM and enabled the 32x8/split/sparse modifier. However, this is...

0.00168 EPSS
Exploits: 0 | References: 4
CVE
added 2025/12/16 1:43 p.m. | 15 views

CVE-2025-68184

CVE-2025-68184 (Linux kernel / Mediatek DRM AFBC issue) A Mediatek-specific AFBC regression was introduced by enabling AFBC support in the Mediatek DRM driver (commit adding AFBC support and 32x8/split/sparse modifier). On Mediatek MT8188 (Genio 700 EVK), with upstream kernel Mesa (v25.0+), AFBC ...

6.1 AI score | 0.00168 EPSS
Exploits: 0 | References: 4
OSV
added 2025/12/16 1:43 p.m. | 2 views

CVE-2025-68184 drm/mediatek: Disable AFBC support on Mediatek DRM driver

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Disable AFBC support on Mediatek DRM driver Commit c410fa9b07c3 "drm/mediatek: Add AFBC support to Mediatek DRM driver" added AFBC support to Mediatek DRM and enabled the 32x8/split/sparse modifier. However, this is...

6.4 AI score | 0.00168 EPSS
Exploits: 0 | References: 7
NVD
added 2025/12/16 9:15 a.m. | 2 views

CVE-2025-64639

Missing Authorization vulnerability in WP Compress WP Compress for MainWP wp-compress-mainwp allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Compress for MainWP: from n/a through = 6.50.17...

5.3 CVSS | 0.00269 EPSS
Exploits: 0 | References: 1
CNNVD
added 2025/12/16 12:0 a.m. | 3 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from AFBC support causing rendering errors and vblank timeouts that may lead to display issues...

6.2 AI score | 0.00168 EPSS
Exploits: 0 | References: 4
Positive Technologies
added 2025/12/16 12:0 a.m. | 5 views

PT-2025-51675

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The crypto/zstd module contains a flaw where per-CPU streams can be freed multiple times, leading to a double-free issue. This occurs when multiple transform contexts (tfms) are allocated...

9.8 CVSS | 7.2 AI score | 0.00378 EPSS
Exploits: 6 | References: 414
RedHat Linux
added 2025/12/15 1:37 a.m. | 5 views

Ghostscript: NPDL device: Compression buffer overflow

A flaw was found in Artifex Ghostscript. The NPDL device has a compression buffer overflow for contrib/japanese/gdevnpdl.c...

9.8 CVSS | 5.9 AI score | 0.00775 EPSS
Exploits: 0 | References: 5
Veracode
added 2025/12/13 7:33 a.m. | 6 views

Denial Of Service (DoS)

urllib3 is vulnerable to a Denial-Of-Service (DoS). The vulnerability is due to an unbounded decompression chain, where nested compression layers are not limited, allowing a malicious server to send specially crafted responses that trigger excessive CPU usage and large memory allocation during...

8.9 CVSS | 7.4 AI score | 0.00533 EPSS
Exploits: 0 | References: 2 | Affected Software: 2
Fedora
added 2025/12/12 1:34 a.m. | 6 views

[SECURITY] Fedora 43 Update: brotli-1.2.0-1.fc43

Brotli is a generic-purpose lossless compression algorithm that compresses data using a combination of a modern variant of the LZ77 algorithm, Huffman coding and 2nd order context modeling, with a compression ratio comparable to the best currently available general-purpose compression methods. ...

8.9 CVSS | 6.9 AI score | 0.00533 EPSS
Exploits: 0