15 matches found
SUSE CVE-2026-42504
Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU...
EUVD-2026-34039
Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU...
DEBIAN-CVE-2026-42504
Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU...
CVE-2026-42504
Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU...
CVE-2026-42504
CVE-2026-42504 affects the WordDecoder.DecodeHeader function in the mime package, where decoding a malicious MIME header with many invalid encoded-words leads to quadratic time complexity and potential high CPU usage. Public descriptions identify the root cause as quadratic complexity in that dec...
CVE-2026-42504 Quadratic complexity in WordDecoder.DecodeHeader in mime
Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU...
CVE-2026-42504 Quadratic complexity in WordDecoder.DecodeHeader in mime
Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU...
CVE-2026-42504
Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU...
CVE-2026-42504
Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU...
GO-2026-5038 Quadratic complexity in WordDecoder.DecodeHeader in mime
Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU...
PT-2026-45874
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description Decoding a maliciously-crafted MIME header containing many invalid encoded-words can lead to excessive CPU consumption. Recommendations At the moment, there is n...
OSV-2026-561 Global-buffer-overflow in nameMatch
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=500975977 Crash type: Global-buffer-overflow READ 1 Crash state: nameMatch QStringConverter::QStringConverter KMime::HeaderParsing::parseEncodedWord...
SUSE-SU-2025:20346-1 Security update for python311
This update for python311 fixes the following issues: - Updated to 3.11.12: - gh-131809: Updated bundled libexpat to 2.7.1 - gh-131261: Upgraded to libexpat 2.7.0 - CVE-2025-0938: Fixed functions urllib.parse.urlsplit and urlparse accepting domain names including square brackets bsc1236705 -...
CLSA-2024-1734643401 Fix CVE(s): CVE-2024-6923
SECURITY UPDATE: Improper quoting of newlines in email headers - debian/patches/CVE-2024-6923.patch: Fix serialization of display name in originator or destination address fields with both encoded words and special chars - CVE-2024-6923...
Heap overflow
Multiple heap-based buffer overflows in emlsr.dll in the EML reader in Autonomy formerly Verity KeyView 10.3.0.0, as used by IBM Lotus Notes, allow remote attackers to execute arbitrary code via a long 1 To, 2 Cc, 3 Bcc, 4 From, 5 Date, 6 Subject, 7 Priority, 8 Importance, or 9 X-MSMail-Priority...