3256 matches found
OESA-2025-1687 skopeo security update
A command line utility that performs various operations on container images and image repositories. Security Fixes: Package jose aims to provide an implementation of the Javascript Object Signing and Encryption set of standards. An attacker could send a JWE containing compressed data that used lar...
jetty-server: Jetty: Gzip Request Body Buffer Corruption
A flaw was found in Eclipse Jetty. This vulnerability allows corrupted and inadvertent data sharing between requests via a gzip error when inflating a request body. If the request body is malformed, the gzip decompression process can fail, resulting in the application inadvertently using data fro...
netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data
A flaw was found in Netty's netty-codec due to size restrictions for decompressed data in the Bzip2Decoder. By sending a specially-crafted input, a remote attacker could cause a denial of service...
CVE-2022-50193
In the Linux kernel, the following vulnerability has been resolved: erofs: wake up all waiters after z_erofs_lzma_head ready When the user mounts erofs a second time, the decompression thread may hang. The problem happens due to a sequence of steps like the following: 1 Task A called...
SUSE CVE-2022-50193
In the Linux kernel, the following vulnerability has been resolved: erofs: wake up all waiters after z_erofs_lzma_head ready When the user mounts erofs a second time, the decompression thread may hang. The problem happens due to a sequence of steps like the following: 1 Task A called...
CVE-2022-50193
In the Linux kernel, the following vulnerability has been resolved: erofs: wake up all waiters after z_erofs_lzma_head ready When the user mounts erofs a second time, the decompression thread may hang. The problem happens due to a sequence of steps like the following: 1 Task A called...
CVE-2022-50193 erofs: wake up all waiters after z_erofs_lzma_head ready
In the Linux kernel, the following vulnerability has been resolved: erofs: wake up all waiters after z_erofs_lzma_head ready When the user mounts erofs a second time, the decompression thread may hang. The problem happens due to a sequence of steps like the following: 1 Task A called...
CVE-2022-50193
CVE-2022-50193 concerns Linux kernel erofs: wake up all waiters after z_erofs_lzma_head is ready. The issue can cause the decompression thread to hang when mounting erofs a second time due to a sequence where Task A loads lzma config and fills z_erofs_lzma_head after Task B has already slept wait...
CVE-2022-50193 erofs: wake up all waiters after z_erofs_lzma_head ready
In the Linux kernel, the following vulnerability has been resolved: erofs: wake up all waiters after z_erofs_lzma_head ready When the user mounts erofs a second time, the decompression thread may hang. The problem happens due to a sequence of steps like the following: 1 Task A called...
PT-2025-26119 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A vulnerability in the Linux kernel has been resolved, related to the erofs filesystem. The issue occurs when the user mounts the erofs filesystem for the second time, which may cause...
CVE-2025-6199
A flaw was found in the GIF parser of GdkPixbuf’s LZW decoder. When an invalid symbol is encountered during decompression, the decoder sets the reported output size to the full buffer length rather than the actual number of written bytes. This logic error results in uninitialized sections of the...
CVE-2025-6199
A flaw was found in the GIF parser of GdkPixbuf’s LZW decoder. When an invalid symbol is encountered during decompression, the decoder sets the reported output size to the full buffer length rather than the actual number of written bytes. This logic error results in uninitialized sections of the...
Brotli decompression bomb DoS
This report is not public...
PT-2025-44569
Name of the Vulnerable Software and Affected Versions: Scrapy versions up to 2.13.2. Description: Scrapy is susceptible to a denial of service (DoS) attack stemming from an issue in its brotli decompression implementation. The built-in protection against decompression bombs does not effectively addres...
Brotli decompression bomb DoS
Description: urllib3 cannot stream brotli-encoded responses properly, unlike the way it handles gzip responses. It always loads the entire decompressed response body into memory when reading a brotli-encoded response, which allows malicious servers to perform a DoS attack by responding with decompression...
CVE-2024-36486
A privilege escalation vulnerability exists in the virtual machine archive restoration functionality of Parallels Desktop for Mac version 20.1.1 55740. When an archived virtual machine is restored, the prlvmarchiver tool decompresses the file and writes the content back to its original location...
UBUNTU-CVE-2020-36846
A buffer overflow, as described in CVE-2020-8927, exists in the embedded Brotli library. Versions of IO::Compress::Brotli prior to 0.007 included a version of the brotli library prior to version 1.0.8, where an attacker controlling the input length of a "one-shot" decompression request to a scrip...
CVE-2020-36846
CVE-2020-36846 maps to IO::Compress::Brotli using an embedded Brotli library vulnerable to a buffer overflow (CVE-2020-8927). Affected: IO::Compress::Brotli versions < 0.007 bundled with Brotli
SUSE CVE-2025-5031
A vulnerability was found in Ackites KillWxapkg up to 2.4.1. It has been rated as problematic. This issue affects some unknown processing of the component wxapkg File Decompression Handler. The manipulation leads to resource consumption. The attack may be initiated remotely. The complexity of an...
CVE-2025-5031
A vulnerability was found in Ackites KillWxapkg up to 2.4.1. It has been rated as problematic. This issue affects some unknown processing of the component wxapkg File Decompression Handler. The manipulation leads to resource consumption. The attack may be initiated remotely. The complexity of an...