29 matches found
PT-2026-51097
Name of the Vulnerable Software and Affected Versions py7zr versions prior to 0.22.1 Description The Worker.decompress function in py7zr/worker.py extracts archive entries without tracking the total decompressed size. This allows a specially crafted .7z file to cause disk or memory exhaustion...
PT-2026-50180
Name of the Vulnerable Software and Affected Versions n8n versions prior to 2.24.0 Description The Compression node's Decompress operation expands attacker-controlled archives into memory without enforcing limits on the decompressed output size. An unauthenticated attacker can send a small...
tornado AsyncHTTPClient accumulates decompressed chunks without size limit (gzip bomb)
Tornado's gzip decompression routines work in limited-size chunks, but have no overall limit for the total size of decompressed chunks that they will accumulate There has always been a limit for the total compressed size. This allows a malicious server to consume effectively unlimited amounts of...
GHSA-RR89-W3H9-M66J ExifReader is vulnerable to denial of service via unbounded decompression of image metadata
Impact Versions of ExifReader from 4.20.0 through 4.38.1 do not bound the size of decompressed metadata blocks. When a caller invokes the asynchronous API e.g. ExifReader.loadfile or ExifReader.loadbuffer, async: true on an attacker-supplied image, a small compressed chunk in the file can expand ...
ExifReader is vulnerable to denial of service via unbounded decompression of image metadata
Impact Versions of ExifReader from 4.20.0 through 4.38.1 do not bound the size of decompressed metadata blocks. When a caller invokes the asynchronous API e.g. ExifReader.loadfile or ExifReader.loadbuffer, async: true on an attacker-supplied image, a small compressed chunk in the file can expand ...
OESA-2026-1925 python-jwcrypto security update
Implements JWK, JWS, JWE specifications with python-cryptography Security Fixes: JWCrypto implements JWK, JWS, and JWE specifications using python-cryptography. Prior to 1.5.7, an unauthenticated attacker can exhaust server memory by sending crafted JWE tokens with ZIP compression. The existing...
OESA-2026-1924 python-jwcrypto security update
Implements JWK, JWS, JWE specifications with python-cryptography Security Fixes: JWCrypto implements JWK, JWS, and JWE specifications using python-cryptography. Prior to 1.5.7, an unauthenticated attacker can exhaust server memory by sending crafted JWE tokens with ZIP compression. The existing...
OESA-2026-1923 python-jwcrypto security update
Implements JWK, JWS, JWE specifications with python-cryptography Security Fixes: JWCrypto implements JWK, JWS, and JWE specifications using python-cryptography. Prior to 1.5.7, an unauthenticated attacker can exhaust server memory by sending crafted JWE tokens with ZIP compression. The existing...
DEBIAN-CVE-2026-5438
A gzip decompression bomb vulnerability exists when Orthanc processes HTTP request with Content-Encoding: gzip. The server does not enforce limits on decompressed size and allocates memory based on attacker-controlled compression metadata. A specially crafted gzip payload can trigger excessive...
CVE-2026-39373
JWCrypto implements JWK, JWS, and JWE specifications using python-cryptography. Prior to 1.5.7, an unauthenticated attacker can exhaust server memory by sending crafted JWE tokens with ZIP compression. The existing patch for CVE-2024-28102 limits input token size to 250KB but does not validate th...
PYSEC-2026-70
JWCrypto implements JWK, JWS, and JWE specifications using python-cryptography. Prior to 1.5.7, an unauthenticated attacker can exhaust server memory by sending crafted JWE tokens with ZIP compression. The existing patch for CVE-2024-28102 limits input token size to 250KB but does not validate th...
UBUNTU-CVE-2026-39373
JWCrypto implements JWK, JWS, and JWE specifications using python-cryptography. Prior to 1.5.7, an unauthenticated attacker can exhaust server memory by sending crafted JWE tokens with ZIP compression. The existing patch for CVE-2024-28102 limits input token size to 250KB but does not validate th...
CVE-2026-39373
JWCrypto implements JWK, JWS, and JWE specifications using python-cryptography. Prior to 1.5.7, an unauthenticated attacker can exhaust server memory by sending crafted JWE tokens with ZIP compression. The existing patch for CVE-2024-28102 limits input token size to 250KB but does not validate th...
CVE-2026-39373
JWCrypto implements JWK, JWS, and JWE specifications using python-cryptography. Prior to 1.5.7, an unauthenticated attacker can exhaust server memory by sending crafted JWE tokens with ZIP compression. The existing patch for CVE-2024-28102 limits input token size to 250KB but does not validate th...
PT-2026-28423
Name of the Vulnerable Software and Affected Versions Mattermost versions 10.11.x through 10.11.11 Mattermost versions 11.2.x through 11.2.3 Mattermost versions 11.3.x through 11.3.1 Mattermost versions 11.4.x through 11.4.0 Description The software does not properly validate the size of...
CLSA-2026-1773768694 Fix CVE(s): CVE-2025-14847
SECURITY UPDATE: Unauthenticated heap memory disclosure via mismatched zlib compressed protocol headers MongoBleed - debian/patches/CVE-2025-14847.patch: Return actual decompressed size instead of buffer size in ZlibMessageCompressor::decompressData - CVE-2025-14847...
CLSA-2026-1773757893 Fix CVE(s): CVE-2025-14847
SECURITY UPDATE: Unauthenticated heap memory disclosure via mismatched zlib compressed protocol headers MongoBleed - debian/patches/CVE-2025-14847.patch: Return actual decompressed size instead of buffer size in ZlibMessageCompressor::decompressData - CVE-2025-14847...
CVE-2026-22870
GuardDog is a CLI tool to identify malicious PyPI packages. Prior to 2.7.1, GuardDog's safeextract function does not validate decompressed file sizes when extracting ZIP archives wheels, eggs, allowing attackers to cause denial of service through zip bombs. A malicious package can consume gigabyt...
GuardDog Zip Bomb Vulnerability in safe_extract() Allows DoS
Summary GuardDog's safeextract function does not validate decompressed file sizes when extracting ZIP archives wheels, eggs, allowing attackers to cause denial of service through zip bombs. A malicious package can consume gigabytes of disk space from a few megabytes of compressed data...
OESA-2025-1687 skopeo security update
A command line utility that performs various operations on container images and image repositories Security Fixes: Package jose aims to provide an implementation of the Javascript Object Signing and Encryption set of standards. An attacker could send a JWE containing compressed data that used lar...