231 matches found
CVE-2026-6686
FatFs R0.16 and earlier contains an uninitialized cluster exposure when flseek extends files beyond EOF without zero-filling newly allocated clusters. This maps to CWE-908 Use of Uninitialized Resource. Estimated CVSS v3.1 vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 4.6, Medium. The...
CVE-2026-6686
FatFs R0.16 and earlier contains an uninitialized cluster exposure when flseek extends files beyond EOF without zero-filling newly allocated clusters. This maps to CWE-908 Use of Uninitialized Resource. Estimated CVSS v3.1 vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 4.6, Medium. The...
EUVD-2026-40998
FatFs R0.16 and earlier contains an uninitialized cluster exposure when flseek extends files beyond EOF without zero-filling newly allocated clusters. This maps to CWE-908 Use of Uninitialized Resource. Estimated CVSS v3.1 vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 4.6, Medium. The...
CVE-2026-6686
FatFs CVE-2026-6686 affects FatFs R0.16 and earlier. The issue is an uninitialized cluster exposure when f_lseek() extends a file beyond EOF without zero-filling newly allocated clusters, mapping to CWE-908 (Use of Uninitialized Resource). The root cause is not zero-filling or initializing cluste...
CVE-2026-11972
A flaw was found in the Python tarfile module. When processing a specially crafted tar archive opened in 'streaming mode' mode='r|', the module does not properly handle the end-of-file EOF condition. This can cause the tarfile module to enter an infinite loop, leading to a Denial of Service DoS f...
BIT-PYTHON-MIN-2026-11972 tarfile opened in streaming mode mishandles EOF
When using the "tarfile" module with a file opened in "streaming mode" mode="r|" the tarfile module did not properly handle EOF, making archive parsing take exponentially longer...
BIT-PYTHON-2026-11972 tarfile opened in streaming mode mishandles EOF
When using the "tarfile" module with a file opened in "streaming mode" mode="r|" the tarfile module did not properly handle EOF, making archive parsing take exponentially longer...
BIT-LIBPYTHON-2026-11972 tarfile opened in streaming mode mishandles EOF
When using the "tarfile" module with a file opened in "streaming mode" mode="r|" the tarfile module did not properly handle EOF, making archive parsing take exponentially longer...
EUVD-2026-38630
When using the "tarfile" module with a file opened in "streaming mode" mode="r|" the tarfile module did not properly handle EOF, meaning an archive could be parsed in an infinite loop...
PT-2026-52016
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A deadlock can occur in the btrfs file system when the flushoncommit mount option is used. The issue arises during a reflink operation that copies an inline extent to an offset beyond th...
DEBIAN-CVE-2026-11972
When using the "tarfile" module with a file opened in "streaming mode" mode="r|" the tarfile module did not properly handle EOF, making archive parsing take exponentially longer...
CVE-2026-11972
When using the "tarfile" module with a file opened in "streaming mode" mode="r|" the tarfile module did not properly handle EOF, making archive parsing take exponentially longer...
UBUNTU-CVE-2026-11972
When using the "tarfile" module with a file opened in "streaming mode" mode="r|" the tarfile module did not properly handle EOF, making archive parsing take exponentially longer...
CVE-2026-11972 tarfile opened in streaming mode mishandles EOF
When using the "tarfile" module with a file opened in "streaming mode" mode="r|" the tarfile module did not properly handle EOF, making archive parsing take exponentially longer...
PSF-2026-31
When using the "tarfile" module with a file opened in "streaming mode" mode="r|" the tarfile module did not properly handle EOF, making archive parsing take exponentially longer...
CVE-2026-11972 tarfile opened in streaming mode mishandles EOF
When using the "tarfile" module with a file opened in "streaming mode" mode="r|" the tarfile module did not properly handle EOF, making archive parsing take exponentially longer...
CVE-2026-11972
When using the "tarfile" module with a file opened in "streaming mode" mode="r|" the tarfile module did not properly handle EOF, making archive parsing take exponentially longer...
CVE-2026-11972
CVE-2026-11972: The Python tarfile module may loop indefinitely when parsing archives opened in streaming mode (mode="r|") due to improper EOF handling. Affects the tarfile parsing path and could cause high impact availability issues; the description confirms the root cause but the connected docu...
PT-2026-51603
Name of the Vulnerable Software and Affected Versions Python affected versions not specified Description The tarfile module fails to properly handle the End of File EOF when a file is opened in streaming mode mode="r|". This can lead to a situation where an archive is parsed in an infinite loop...
GHSA-VQ2F-VCC9-J8MV Python Liquid: Infinite loop when parsing malformed `{% case %}` tags
Impact Given a malformed % case % tag without associated % when % or % else % block, and no terminating % endcase % tag, Python Liquid hangs in an infinite loop at parse time. This allows malicious template authors to craft templates for a denial of service attack. Patches The issue is fixed in...