Lucene search

16 matches found

AstraLinux
added 2026/06/19 11:10 a.m.

Astra Linux – Vulnerability in Golang-1.15

In versions of Go prior to 1.15.13 and 1.16.x prior to 1.16.5, a crafted file count present in the archive’s header can lead to a panic in NewReader or OpenReader...

CVSS 7.5 | AI score 6.3 | EPSS 0.03464
Exploits 1 | References 2
GitLab Advisory Database
added 2026/06/12 12:00 a.m.

SwiftNIO NIOHTTP1: HTTPDecoder accepts unbounded HTTP/1 header blocks, enabling remote DoS

The HTTPDecoder in NIOHTTP1 enforces no limit on the total size of an HTTP/1 message's header block or on the number of header fields per message. A remote peer can submit an arbitrary number of small, valid headers in a single request and have them all accumulated into the resulting HTTPHeaders...

AI score 5.6 | EPSS 0.00048
Exploits 0 | References 3 | Affected Software 1
OSV
added 2026/05/26 10:49 p.m.

GO-2026-4958 Uncontrolled resource consumption when parsing SPDY frames in github.com/moby/spdystream

The SPDY/3 frame parser in spdystream does not validate attacker-controlled counts and lengths before allocating memory. A remote peer that can send SPDY frames to a service using spdystream can cause the process to allocate gigabytes of memory with a small number of malformed control frames,...

CVSS 8.7 | AI score 5.9 | EPSS 0.0043
Exploits 0 | References 3
OSV
added 2026/05/06 9:56 p.m.

GHSA-PP6C-GR5W-3C5G python-multipart has Denial of Service via unbounded multipart part headers

Summary: python-multipart has a denial of service vulnerability in multipart part header parsing. When parsing multipart/form-data, MultipartParser previously had no limit on the number of part headers or the size of an individual part header. An attacker could send a request with either many...

CVSS 7.5 | AI score 5.8 | EPSS 0.0042
Exploits 0 | References 3
NVD
added 2026/04/16 10:16 p.m.

CVE-2026-35469

spdystream is a Go library for multiplexing streams over SPDY connections. In versions 0.5.0 and below, the SPDY/3 frame parser does not validate attacker-controlled counts and lengths before allocating memory. Three allocation paths are affected: the SETTINGS frame entry count, the header count ...

CVSS 8.7 | EPSS 0.0043
Exploits 0 | References 2
OSV
added 2026/04/16 8:44 p.m.

GHSA-PC3F-X583-G7J2 SpdyStream: DOS on CRI

The SPDY/3 frame parser in spdystream does not validate attacker-controlled counts and lengths before allocating memory. A remote peer that can send SPDY frames to a service using spdystream can cause the process to allocate gigabytes of memory with a small number of malformed control frames,...

CVSS 8.7 | AI score 5.8 | EPSS 0.0043
Exploits 0 | References 5
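The archive/zip and spdystream entries above share one bug shape: a count read from a header sizes an allocation before anything checks that the payload can actually contain that many records. The following Go program is an added example written for this page, not code from spdystream, Go's archive/zip, or any other project listed here; the frame layout (a 4-byte big-endian entry count followed by 8-byte entries), the `entry` type, the `maxEntries` ceiling and every function name are constructed for illustration. It shows the vulnerable parse beside the hardened one, where the declared count is bounded by the bytes present and by a fixed policy limit before any count-sized `make`.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
)

// entry is a toy key/value pair standing in for a settings entry or a
// name/value header pair carried in a control frame. Constructed for this
// example; it is not the SPDY/3 or ZIP record format.
type entry struct {
	ID    uint32
	Value uint32
}

const entrySize = 8 // two big-endian uint32s per entry

// maxEntries is an application-chosen upper bound on how many entries one
// frame may declare, independent of what happens to fit in the payload.
const maxEntries = 1024

var (
	errBadCount = errors.New("entry count exceeds payload length")
	errTooMany  = errors.New("entry count exceeds policy limit")
)

// parseEntriesUnchecked shows the vulnerable pattern: the count from the
// frame header drives the allocation before anything verifies that the
// payload can hold that many entries. A 12-byte frame declaring 0xFFFFFFFF
// entries makes this request roughly 32 GiB before the copy loop fails.
func parseEntriesUnchecked(payload []byte) ([]entry, error) {
	if len(payload) < 4 {
		return nil, errors.New("short frame")
	}
	count := binary.BigEndian.Uint32(payload[:4])
	entries := make([]entry, count) // attacker-controlled size
	body := payload[4:]
	for i := range entries {
		if len(body) < entrySize {
			return nil, errors.New("truncated entry")
		}
		entries[i] = entry{ID: binary.BigEndian.Uint32(body[:4]), Value: binary.BigEndian.Uint32(body[4:8])}
		body = body[entrySize:]
	}
	return entries, nil
}

// parseEntriesChecked is the hardened form: the declared count is checked
// against the bytes actually present and against a fixed ceiling before any
// allocation sized by it takes place.
func parseEntriesChecked(payload []byte) ([]entry, error) {
	if len(payload) < 4 {
		return nil, errors.New("short frame")
	}
	count := binary.BigEndian.Uint32(payload[:4])
	body := payload[4:]
	// Bound 1: the payload must be long enough to hold `count` entries.
	// Dividing rather than multiplying avoids overflow in count*entrySize.
	if uint64(count) > uint64(len(body))/entrySize {
		return nil, fmt.Errorf("%w: declared %d, room for %d", errBadCount, count, len(body)/entrySize)
	}
	// Bound 2: even a well-formed frame may not make us hold more than the
	// policy allows.
	if count > maxEntries {
		return nil, fmt.Errorf("%w: %d > %d", errTooMany, count, maxEntries)
	}
	entries := make([]entry, 0, count)
	for i := uint32(0); i < count; i++ {
		entries = append(entries, entry{
			ID:    binary.BigEndian.Uint32(body[:4]),
			Value: binary.BigEndian.Uint32(body[4:8]),
		})
		body = body[entrySize:]
	}
	return entries, nil
}

// buildFrame constructs a frame whose header may declare a count that does
// not match the entries that follow, i.e. a lying header.
func buildFrame(declared uint32, entries []entry) []byte {
	buf := make([]byte, 4, 4+len(entries)*entrySize)
	binary.BigEndian.PutUint32(buf, declared)
	for _, e := range entries {
		buf = binary.BigEndian.AppendUint32(buf, e.ID)
		buf = binary.BigEndian.AppendUint32(buf, e.Value)
	}
	return buf
}

func main() {
	good := buildFrame(2, []entry{{1, 100}, {2, 200}})
	fmt.Println(parseEntriesChecked(good))
	lying := buildFrame(0xFFFFFFFF, []entry{{1, 100}})
	_, err := parseEntriesChecked(lying)
	fmt.Println("lying frame:", err)
	// parseEntriesUnchecked(lying) would attempt a multi-GiB allocation.
}
```

The same two checks apply to any length-prefixed record format: a count or length that arrives over the wire is an untrusted value until it has been compared with the data that actually arrived, and the policy ceiling protects against a peer that sends a well-formed but enormous frame.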
NVD
added 2025/10/01 12:15 p.m.

CVE-2022-50450

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

Exploits 0
Positive Technologies
added 2025/10/01 12:00 a.m.

PT-2025-40135

Vulnerable software and affected versions: Linux kernel, affected versions not specified. Description: The libbpf component in the Linux kernel contains an issue where it directly uses the e_shnum field in the ELF header as the section header count. This can lead to a heap-buffer overflow...

AI score 6.4
Exploits 0 | References 5
RedhatCVE
added 2025/05/23 6:02 a.m.

CVE-2023-28576

The buffer obtained from kernel APIs such as cam_mem_get_cpu_buf may be readable/writable in userspace after the kernel accesses it. In other words, user mode may race and modify the packet header, e.g. header.count, causing checks in kernel code, e.g. size checks, to be invalid. This may lead to...

CVSS 7 | AI score 7.1 | EPSS 0.00081
Exploits 0 | References 1
curl security advisories
added 2024/03/27 8:00 a.m.

HTTP/2 push headers memory-leak

When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit 1000, libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously allocated headers and instead lea...

CVSS 8.6 | AI score 6.6 | EPSS 0.36081
Exploits 1 | References 1 | Affected Software 2
OSV
added 2023/09/15 4:15 a.m.

DEBIAN-CVE-2023-38039

When curl retrieves an HTTP response, it stores the incoming headers so that they can be accessed later via the libcurl headers API. However, curl did not have a limit in how many or how large headers it would accept in a response, allowing a malicious server to stream an endless series of header...

CVSS 7.5 | AI score 6.3 | EPSS 0.62246
Exploits 1 | References 1
OSV
added 2023/09/15 4:15 a.m.

AZL-29698 CVE-2023-38039 affecting package curl for versions less than 8.3.0-1

When curl retrieves an HTTP response, it stores the incoming headers so that they can be accessed later via the libcurl headers API. However, curl did not have a limit in how many or how large headers it would accept in a response, allowing a malicious server to stream an endless series of header...

CVSS 7.5 | AI score 6.7 | EPSS 0.62246
Exploits 1 | References 1
SUSE CVE
added 2023/09/14 2:08 a.m.

SUSE CVE-2023-38039

When curl retrieves an HTTP response, it stores the incoming headers so that they can be accessed later via the libcurl headers API. However, curl did not have a limit in how many or how large headers it would accept in a response, allowing a malicious server to stream an endless series of header...

CVSS 7.5 | AI score 5.2 | EPSS 0.62246
Exploits 1 | References 62
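The SwiftNIO, python-multipart and curl CVE-2023-38039 entries above describe the other recurring shape on this page: a header block is accumulated field by field with no cap on the number of fields or their total size, so a peer can stream headers until memory runs out. The Go program below is an added example written for this page, not code from curl, SwiftNIO, python-multipart or net/http; the limit values, the `header` type and the function names are constructed choices. It parses an HTTP/1-style header block while enforcing a field-count limit and a byte limit on what has been received, so the flood is cut off at the threshold instead of being buffered. For comparison with real defaults, the curl entry above mentions a 1000-header cap for push headers, and Go's net/http caps header bytes at http.DefaultMaxHeaderBytes (1 MiB).

```go
package main

import (
	"bytes"
	"errors"
	"fmt"
	"strings"
)

// Limits on a single header block. These values are this example's own
// choices; a server should tune them to its workload.
const (
	maxHeaderFields = 100
	maxHeaderBytes  = 64 * 1024
)

var (
	errTooManyFields = errors.New("too many header fields")
	errHeaderTooBig  = errors.New("header block too large")
	errMalformed     = errors.New("malformed header line")
	errUnterminated  = errors.New("header block not terminated")
)

type header struct{ Name, Value string }

// parseHeaderBlock parses header lines from data up to and including the
// empty line that ends the block. Both limits are checked as bytes are
// consumed, so an endless series of headers is rejected at the threshold
// rather than accumulated. It returns the headers and the bytes consumed.
func parseHeaderBlock(data []byte) ([]header, int, error) {
	var hdrs []header
	consumed := 0
	for {
		nl := bytes.IndexByte(data[consumed:], '\n')
		if nl < 0 {
			// No terminator yet: a huge partial line is still a size violation.
			if len(data)-consumed > maxHeaderBytes {
				return nil, consumed, errHeaderTooBig
			}
			return nil, consumed, errUnterminated
		}
		line := data[consumed : consumed+nl]
		consumed += nl + 1
		// Count bytes before interpreting the line: the limit applies to what
		// was received, not only to what parsed cleanly.
		if consumed > maxHeaderBytes {
			return nil, consumed, errHeaderTooBig
		}
		line = bytes.TrimSuffix(line, []byte("\r"))
		if len(line) == 0 {
			return hdrs, consumed, nil // end of header block
		}
		if len(hdrs) >= maxHeaderFields {
			return nil, consumed, errTooManyFields
		}
		name, value, ok := bytes.Cut(line, []byte(":"))
		if !ok || len(name) == 0 {
			return nil, consumed, errMalformed
		}
		hdrs = append(hdrs, header{
			Name:  strings.ToLower(string(name)),
			Value: strings.TrimSpace(string(value)),
		})
	}
}

func main() {
	// Constructed sample: a small valid block followed by the start of a body.
	block := []byte("Host: example.test\r\nX-A: 1\r\n\r\nbody")
	hdrs, n, err := parseHeaderBlock(block)
	fmt.Println(hdrs, n, err)
	// Constructed flood: one more small, valid header than the policy allows.
	flood := bytes.Repeat([]byte("X: y\r\n"), maxHeaderFields+1)
	_, _, err = parseHeaderBlock(flood)
	fmt.Println("flood:", err)
}
```

The order of the checks matters: the byte limit is applied to consumed input before the line is parsed, and the field limit is applied before the field is stored, so neither a single oversized header nor many tiny ones can push memory use past the configured ceilings. Dropping either check reproduces the condition described in the advisories.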
SUSE CVE
added 2023/02/15 3:40 a.m.

SUSE CVE-2021-33196

In archive/zip in Go before 1.15.13 and 1.16.x before 1.16.5, a crafted file count in an archive's header can cause a NewReader or OpenReader panic...

CVSS 7.5 | AI score 6.7 | EPSS 0.03464
Exploits 1 | References 10
OSV
added 2021/08/02 7:15 p.m.

AZL-79084 CVE-2021-33196 affecting package golang 1.25.7-1

In archive/zip in Go before 1.15.13 and 1.16.x before 1.16.5, a crafted file count in an archive's header can cause a NewReader or OpenReader panic...

CVSS 7.5 | AI score 6.6 | EPSS 0.03464
Exploits 1 | References 1
CNVD
added 2021/04/01 12:00 a.m.

Accusoft ImageGear out-of-bounds write vulnerability (CNVD-2021-25372)

Accusoft ImageGear is a multi-platform, multi-language document imaging developer toolkit. An out-of-bounds write vulnerability exists in the TIFF header count processing functionality of Accusoft ImageGear 19.8. An attacker can exploit the vulnerability by supplying a specially crafted malicious...

CVSS 8.1 | AI score 6.7 | EPSS 0.00678
Exploits 1 | References 1