CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedHat Linux•added 2020/09/17 1:7 p.m.•1 views

netty: compression/decompression codecs don't enforce limits on buffer allocation sizes

A flaw was found in Netty in the way it handles the amount of data it compresses and decompresses. The Compression/Decompression codecs should enforce memory allocation size limits to avoid an Out of Memory Error OOME or exhaustion of the memory pool...

RedhatCVE•added 2020/09/15 6:0 p.m.•41 views

CVE-2020-8927

A buffer overflow flaw was found in the Brotli library where an attacker could control the input length of a "one-shot" decompression request to a script that can trigger a crash. This issue can happen when copying chunks of data larger than 2 GiB. Mitigation This flaw can be mitigated by using...

6.5CVSS1.6AI score0.03243EPSS

Exploits0References3

Snyk•added 2020/09/15 10:36 a.m.•3 views

Buffer Overflow

Overview Affected versions of this package are vulnerable to Buffer Overflow. An attacker could control the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. Remediation Upgrade brotli to version...

6.9CVSS6.9AI score0.03243EPSS

Exploits0References2

OSV•added 2020/09/15 10:15 a.m.•4 views

AZL-6341 CVE-2020-8927 affecting package brotli for versions less than 1.0.7-10

A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to update your Brotli...

6.5CVSS7AI score0.03243EPSS

OSV•added 2020/09/15 10:15 a.m.•3 views

ALPINE-CVE-2020-8927

6.5CVSS7.3AI score0.03243EPSS

OSV•added 2020/09/15 10:15 a.m.•4 views

DEBIAN-CVE-2020-8927

6.5CVSS7.2AI score0.03243EPSS

UbuntuCve•added 2020/09/15 10:15 a.m.•27 views

CVE-2020-8927

6.5CVSS7AI score0.03243EPSS

Exploits0References3

PyPA•added 2020/09/15 10:15 a.m.•4 views

PYSEC-2020-29

6.5CVSS7.3AI score0.03243EPSS

Exploits0References12Affected Software1

Vulnrichment•added 2020/09/15 9:15 a.m.•4 views

CVE-2020-8927 Buffer overflow in Brotli library

5.3CVSS7AI score0.03243EPSS

Exploits0References14

GitLab Advisory Database•added 2020/09/15 12:0 a.m.•23 views

Buffer Overflow

A buffer overflow exists in the Brotli library where an attacker controlling the input length of a one-shot decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB...

6.5CVSS2.2AI score0.03243EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2020/09/04 12:0 a.m.•5 views

PT-2020-6434 · Lrzip +2 · Lrzip +2

Name of the Vulnerable Software and Affected Versions: Lrzip version 0.631 Description: The issue is related to a use after free in the lzma decompress buf function in stream.c, which can be exploited by attackers to cause a Denial of Service DoS via a crafted compressed file. This can allow a...

9.8CVSS7.2AI score0.01842EPSS

Exploits6References40

RedHat Linux•added 2020/09/03 4:50 p.m.•0 views

netty: compression/decompression codecs don't enforce limits on buffer allocation sizes

RedHat Linux•added 2020/08/31 3:40 p.m.•2 views

netty: compression/decompression codecs don't enforce limits on buffer allocation sizes

RedHat Linux•added 2020/08/18 4:34 p.m.•2 views

netty: compression/decompression codecs don't enforce limits on buffer allocation sizes

RedHat Linux•added 2020/08/17 1:28 p.m.•1 views

netty: compression/decompression codecs don't enforce limits on buffer allocation sizes

RedHat Linux•added 2020/08/17 1:28 p.m.•1 views

netty: compression/decompression codecs don't enforce limits on buffer allocation sizes

RedHat Linux•added 2020/08/17 1:28 p.m.•1 views

netty: compression/decompression codecs don't enforce limits on buffer allocation sizes

RedHat Linux•added 2020/08/17 1:25 p.m.•1 views

netty: compression/decompression codecs don't enforce limits on buffer allocation sizes