Lucene search
K

101 matches found

NVD
NVD
added 2026/07/01 4:16 p.m.12 views

CVE-2026-24264

NVIDIA Triton Inference Server for Linux contains a vulnerability where an attacker can cause improper handling of highly compressed data. A successful exploit of this vulnerability might lead to denial of service...

7.5CVSS0.00774EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/07/01 3:11 p.m.7 views

CVE-2026-24264

NVIDIA Triton Inference Server for Linux contains a vulnerability where an attacker can cause improper handling of highly compressed data. A successful exploit of this vulnerability might lead to denial of service...

7.5CVSS5.8AI score0.00774EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/07/01 3:11 p.m.40 views

CVE-2026-24264

NVIDIA Triton Inference Server for Linux contains a vulnerability where an attacker can cause improper handling of highly compressed data. A successful exploit of this vulnerability might lead to denial of service...

7.5CVSS0.00774EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/29 1:30 a.m.9 views

EUVD-2026-40020

A weakness has been identified in GPAC up to 26.02.0. This affects an unknown part of the file src/utils/baseencoding.c of the component ISOBMFF Parser. Executing a manipulation can lead to highly compressed data. The attack needs to be launched locally. The exploit has been made available to the...

4.8CVSS5.3AI score0.00112EPSS
Exploits0References8
Snyk
Snyk
added 2026/06/26 4:35 p.m.6 views

Improper Handling of Highly Compressed Data (Data Amplification)

Overview Affected versions of this package are vulnerable to Improper Handling of Highly Compressed Data Data Amplification in the inhttp and inforward plugins when decompressing gzip-compressed data. An attacker can cause excessive memory consumption by sending a highly compressed payload that...

8.7CVSS5.8AI score0.0063EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/22 8:56 p.m.8 views

urllib3: urllib3 Streaming API improperly handles highly compressed data

A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header e.g., gzip, deflate, br, or zstd. The library must read compressed data from the network and decompress it...

8.9CVSS6.8AI score0.00633EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/15 9:55 p.m.8 views

EUVD-2026-37014

Improper Handling of Highly Compressed Data Data Amplification vulnerability in elixir-grpc grpc GRPC.Compressor.Gzip, GRPC.Message modules allows a denial of service via a gzip decompression bomb. This vulnerability is associated with program files lib/grpc/compressor/gzip.ex, lib/grpc/message.e...

8.7CVSS5.4AI score0.00348EPSS
Exploits0References4
Snyk
Snyk
added 2026/06/15 8:9 p.m.8 views

Improper Handling of Highly Compressed Data (Data Amplification)

Overview Affected versions of this package are vulnerable to Improper Handling of Highly Compressed Data Data Amplification during cleanup. An attacker can exhaust system memory by sending a specially crafted compressed payload that is decompressed into memory in a single chunk. Remediation Upgra...

8.7CVSS5.3AI score0.00279EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/10 1:13 a.m.8 views

Improper Handling of Highly Compressed Data (Data Amplification)

Overview org.springframework.security:spring-security-saml2-service-provider is a security component for the Spring Framework. Affected versions of this package are vulnerable to Improper Handling of Highly Compressed Data Data Amplification in the REDIRECT binding. An attacker can exhaust system...

8.7CVSS5.3AI score0.00331EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/08 3:20 p.m.6 views

CVE-2026-49755

Improper Handling of Highly Compressed Data Data Amplification vulnerability in wojtekmach Req allows attacker-controlled HTTP servers to exhaust memory in a Req client via decompression-bomb response bodies. Req's default response pipeline includes Req.Steps.decodebody/1 and...

8.2CVSS5.5AI score0.00438EPSS
Exploits0References5Affected Software1
Snyk
Snyk
added 2026/05/29 7:18 p.m.8 views

Improper Handling of Highly Compressed Data (Data Amplification)

Overview Affected versions of this package are vulnerable to Improper Handling of Highly Compressed Data Data Amplification via the Batch.Decompress function. An attacker can cause excessive memory allocation on the receiving node by sending a specially crafted compressed P2P gossip payload,...

8.7CVSS5.8AI score0.0038EPSS
Exploits0References2
Redos
Redos
added 2026/05/06 12:0 a.m.9 views

ROS-20260506-73-0045

Vulnerability in erlang related to incorrect processing of highly compressed input data. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service...

6.9CVSS7.2AI score0.00644EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/04/29 1:26 p.m.11 views

Important: Red Hat Security Advisory: python-urllib3 security update

An update for python-urllib3 is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

8.9CVSS6.6AI score0.00633EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/04/29 1:26 p.m.8 views

urllib3: urllib3 Streaming API improperly handles highly compressed data

A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header e.g., gzip, deflate, br, or zstd. The library must read compressed data from the network and decompress it...

8.9CVSS6.7AI score0.00633EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/04/20 1:27 p.m.7 views

Important: Red Hat Security Advisory: python-urllib3 security update

An update for python-urllib3 is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

8.9CVSS6.6AI score0.00633EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/08 8:41 a.m.21 views

Security Bulletin: High Resource Consumption Vulnerability in urllib3 Streaming API Due to Improper Handling of Highly Compressed Data (≤ v2.6.0) affects watsonx.data

Summary A vulnerability in the urllib3 Streaming API versions 1.0 through 2.6.0 allows highly compressed HTTP responses to be decompressed in a way that can consume excessive system resources. When processing compressed data e.g., gzip or brotli, the library may fully decompress a small input int...

8.9CVSS6.8AI score0.00633EPSS
Exploits1Affected Software1
Snyk
Snyk
added 2026/03/26 6:35 p.m.3 views

Improper Handling of Highly Compressed Data (Data Amplification)

Overview Affected versions of this package are vulnerable to Improper Handling of Highly Compressed Data Data Amplification in the archive extraction process. An attacker can exhaust server memory by uploading specially crafted zip archives containing highly compressed entries. Remediation Upgrad...

7.1CVSS5.9AI score0.00343EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/05 12:0 a.m.4 views

openSUSE 16 Security Update : containerized-data-importer (openSUSE-SU-2026:20279-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20279-1 advisory. Update to version 1.64.0. Security issues fixed: - CVE-2024-28180: improper handling of highly compressed data bsc1235204. - CVE-2024-45338:...

7.5CVSS6AI score0.01956EPSS
Exploits0References9
Snyk
Snyk
added 2026/03/04 11:22 p.m.3 views

Improper Handling of Highly Compressed Data (Data Amplification)

Overview Affected versions of this package are vulnerable to Improper Handling of Highly Compressed Data Data Amplification via the ContentReader process when handling requests with Content-Encoding: gzip. An attacker can cause excessive resource consumption by sending a small compressed payload...

8.7CVSS5.8AI score0.00418EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/03/02 12:0 a.m.4 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: resource-agents (UTSA-2026-005389)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005389 advisory. urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.0 and prior to 2.6.0, the Streaming API improperly handles highly compressed data...

8.9CVSS6.1AI score0.00633EPSS
Exploits0References4
Rows per page
Query Builder