3283 matches found
EUVD-2026-11699
Undici has Unbounded Memory Consumption in WebSocket permessage-deflate Decompression...
Undici has Unbounded Memory Consumption in WebSocket permessage-deflate Decompression
Description The undici WebSocket client is vulnerable to a denial-of-service attack via unbounded memory consumption during permessage-deflate decompression. When a WebSocket connection negotiates the permessage-deflate extension, the client decompresses incoming compressed frames without enforci...
GHSA-VRM6-8VPV-QV8Q Undici has Unbounded Memory Consumption in WebSocket permessage-deflate Decompression
Description The undici WebSocket client is vulnerable to a denial-of-service attack via unbounded memory consumption during permessage-deflate decompression. When a WebSocket connection negotiates the permessage-deflate extension, the client decompresses incoming compressed frames without enforci...
CVE-2026-4111
A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archivereaddata processing path. When a specially crafted RAR5 archive is processed, the decompression routine may enter a state where internal logic prevents forward progress. This...
UBUNTU-CVE-2026-4111
A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archivereaddata processing path. When a specially crafted RAR5 archive is processed, the decompression routine may enter a state where internal logic prevents forward progress. This...
CVE-2026-31897
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, there is an out-of-bounds read in freerdpbitmapdecompressplanar when SrcSize is 0. The function dereferences srcp which points to pSrcData without first verifying that SrcSize = 1. When SrcSize is 0 and pSrcData is...
CVE-2026-23943
Improper Handling of Highly Compressed Data Compression Bomb vulnerability in Erlang OTP ssh sshtransport modules allows Denial of Service via Resource Depletion. The SSH transport layer advertises legacy zlib compression by default and inflates attacker-controlled payloads pre-authentication...
UBUNTU-CVE-2026-31897
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, there is an out-of-bounds read in freerdpbitmapdecompressplanar when SrcSize is 0. The function dereferences srcp which points to pSrcData without first verifying that SrcSize = 1. When SrcSize is 0 and pSrcData is...
CVE-2026-31897
An out of bounds read flaw has been discovered in FreeRDP. This Out-of-bounds read exists in the freerdpbitmapdecompressplanar function when SrcSize is 0. This flaw may allow an attcker to read of 1 byte from heap memory in some situation. The more common and expected impact is a crash when the...
CVE-2026-31897
FreeRDP vulnerability CVE-2026-31897: an out-of-bounds read in freerdp_bitmap_decompress_planar occurs when SrcSize is 0, dereferencing pSrcData without verifying SrcSize. This affects pre-3.24.0 releases and is fixed in 3.24.0. OpenSUSE/SUSE advisories and Amazon Linux 2 ALAS-2026-3239 also note...
EUVD-2026-12064
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, there is an out-of-bounds read in freerdpbitmapdecompressplanar when SrcSize is 0. The function dereferences srcp which points to pSrcData without first verifying that SrcSize = 1. When SrcSize is 0 and pSrcData is...
Infinite loop
Overview Affected versions of this package are vulnerable to Infinite loop through the archivereaddata process. An attacker can exhaust system resources by submitting a specially crafted RAR5 archive that triggers an infinite loop during decompression. Remediation Upgrade libarchive to version...
CVE-2026-4111 Libarchive: infinite loop denial of service in rar5 decompression via archive_read_data() in libarchive
A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archivereaddata processing path. When a specially crafted RAR5 archive is processed, the decompression routine may enter a state where internal logic prevents forward progress. This...
CVE-2026-4111
The issue CVE-2026-4111 affects the libarchive library, specifically the RAR5 decompression logic. The vulnerability resides in archive_read_data() where processing a specially crafted RAR5 archive can enter an infinite loop, preventing forward progress and causing continuous CPU usage. The affec...
CVE-2026-4111
A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archivereaddata processing path. When a specially crafted RAR5 archive is processed, the decompression routine may enter a state where internal logic prevents forward progress. This...
CVE-2026-4111
A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archivereaddata processing path. When a specially crafted RAR5 archive is processed, the decompression routine may enter a state where internal logic prevents forward progress. This...
CVE-2026-4111
A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archivereaddata processing path. When a specially crafted RAR5 archive is processed, the decompression routine may enter a state where internal logic prevents forward progress. This...
Red Hat Enterprise Linux 10 安全漏洞
Red Hat Enterprise Linux 10 is a Linux operating system designed for enterprise users by the American company Red Hat. Red Hat Enterprise Linux 10 contains security vulnerabilities, specifically related to the RAR5 archive decompression logic. These vulnerabilities may lead to infinite loops and...
CVE-2026-1526
A flaw was found in undici. A remote attacker can exploit this vulnerability by sending a specially crafted compressed frame, known as a "decompression bomb," during permessage-deflate decompression. The undici WebSocket client does not properly limit the size of decompressed data, leading to...
CVE-2026-1526
The undici WebSocket client is vulnerable to a denial-of-service attack via unbounded memory consumption during permessage-deflate decompression. When a WebSocket connection negotiates the permessage-deflate extension, the client decompresses incoming compressed frames without enforcing any limit...