506 matches found
PYSEC-2026-361 joserfc has Possible Uncontrolled Resource Consumption Vulnerability Triggered by Logging Arbitrarily Large JWT Token Payloads
Summary The ExceededSizeError exception messages are embedded with non-decoded JWT token parts and may cause Python logging to record an arbitrarily large, forged JWT payload. Details In situations where a misconfigured — or entirely absent — production-grade web server sits in front of a Python...
CVE-2026-54285
A flaw was found in the @opentelemetry/core component of the OpenTelemetry JavaScript Client. This vulnerability allows a remote attacker to trigger uncontrolled memory allocation by sending oversized baggage HTTP headers. The system's inability to enforce size limits during inbound baggage parsi...
GO-2026-5298 Go-Attestation: Hash injection into trusted measurement list via unskipped SignatureHeaderSize vendor bytes in parseEfiSignatureList() in github.com/google/go-attestation
Go-Attestation: Hash injection into trusted measurement list via unskipped SignatureHeaderSize vendor bytes in parseEfiSignatureList in github.com/google/go-attestation...
Linux Distros Unpatched Vulnerability : CVE-2026-52956
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libceph: Fix potential out-of-bounds access in cephxdecrypt In cephxdecrypt, a part of the buffer p is interpreted as a cephxencryptheader, and the magic field ...
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Validating the command header size against SVGACMDMAXDATASIZE This data originates from user space and is used in buffer offset calculations, which may potentially lead to an out-of-bounds access if the calculation...
UBUNTU-CVE-2026-52940
In the Linux kernel, the following vulnerability has been resolved: tun: zero the whole vnet header in tunputuser tunputuser declares an on-stack struct virtionethdrv1hashtunnel without zeroing it. For a non-tunnel skb, virtionethdrtnlfromskb only initializes the first 10 bytes sizeofstruct...
CVE-2026-53655
node-tar is a full-featured Tar for Node.js. Prior to 7.5.16, tar node-tar applies a PAX extended header's size= record and other PAX overrides to the next header entry of any type, including intermediary metadata headers such as a GNU long-name L or long-link K entry. Per POSIX pax, a PAX extend...
Astra Linux – Vulnerability in Jetty9
Eclipse Jetty provides a web server and servlet container. In versions 11.0.0 through 11.0.15, 10.0.0 through 10.0.15, and 9.0.0 through 9.4.52, an integer overflow in MetaDataBuilder.checkSize allows HTTP/2 HPACK header values to exceed their size limit. MetaDataBuilder.java determines whether a...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: scsi: mpi3mr: Issues in mpi3mrgetalltgtinfo have been fixed. The function mpi3mrgetalltgtinfo has four issues: 1. It calculates the valid entry length in alltgtinfo assuming that the header part of the struct mpi3mrdevicemapin...
Astra Linux – Vulnerability in libtar
An attacker who submits a crafted tar file with a size of 0 in the header struct may be able to trigger a call to malloc0 for a variable named gnulonglink, resulting in an out-of-bounds read...
Astra Linux – Vulnerability in libqb
In logblackbox.c in libqb before version 2.0.8, a buffer overflow can occur due to the use of long log messages, as the size of the log headers is not taken into consideration...
Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to an out-of-memory condition in spdystream Go [CVE-2026-35469]
Summary IBM Watson Speech Services Cartridge is vulnerable to an out-of-memory condition in spdystream Go, caused by a flaw in SPDY/3 frame parser that does not validate attacker-controlled counts and lengths before allocating memory CVE-2026-35469. Spdystream Go is used in our speech utilities...
CVE-2026-47774
Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.35.11, 1.36.7, 1.37.3, and 1.38.1, a vulnerability in Envoy's HTTP/2 downstream request processing allows an unauthenticated remote client to trigger excessive memory consumption, potentiall...
CVE-2026-47774 Envoy vulnerable to HTTP/2 memory exhaustion via cookie header size bypass and HPACK amplification
Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.35.11, 1.36.7, 1.37.3, and 1.38.1, a vulnerability in Envoy's HTTP/2 downstream request processing allows an unauthenticated remote client to trigger excessive memory consumption, potentiall...
CVE-2026-47774 Envoy vulnerable to HTTP/2 memory exhaustion via cookie header size bypass and HPACK amplification
Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.35.11, 1.36.7, 1.37.3, and 1.38.1, a vulnerability in Envoy's HTTP/2 downstream request processing allows an unauthenticated remote client to trigger excessive memory consumption, potentiall...
netty-codec-http2: Netty: Denial of Service due to HTTP/2 max header size handling
A flaw was found in Netty, a network application framework. A remote attacker can exploit a vulnerability in the HTTP/2 Hypertext Transfer Protocol version 2 maximum header size handling. By sending a specific SETTINGSMAXHEADERLISTSIZE setting, an attacker can cause Netty to produce an exception...
netty-codec-http2: Netty: Denial of Service due to HTTP/2 max header size handling
A flaw was found in Netty, a network application framework. A remote attacker can exploit a vulnerability in the HTTP/2 Hypertext Transfer Protocol version 2 maximum header size handling. By sending a specific SETTINGSMAXHEADERLISTSIZE setting, an attacker can cause Netty to produce an exception...
CVE-2026-54417 Integer Overflow in rxi/microtar mtar_next() Causes Infinite Loop DoS
An integer overflow in the mtarnext function in src/microtar.c in rxi microtar 0.1.0 allows a remote attacker to cause a denial of service uncontrolled CPU consumption / infinite loop via a crafted tar archive. mtarnext computes the offset to the next record as rounduph.size, 512 +...
EUVD-2026-36471
Netty susceptible to HTTP/2 Reset Attack with different on-the-wire signature...
Interpretation Conflict
Overview org.webjars.npm:tar is a full-featured Tar for Node.js. Affected versions of this package are vulnerable to Interpretation Conflict due to improper handling of PAX extended header size overrides in intermediary metadata headers. An attacker can cause inconsistent archive parsing results...