CVE-2025-11579

github.com/nwaples/rardecode versions =2.1.1 fail to restrict the dictionary size when reading large RAR dictionary sizes, which allows an attacker to provide a specially crafted RAR file and cause Denial of Service via an Out Of Memory Crash...

Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes which might allow a remote attacker to cause a denial of service if an application is affected by the performance of a dictionary containing IPv4Interface or IPv6Interface objects and this attacker can cause many dictionary entries to be created. This is fixed in: v3.5.10 v3.5.10rc1; v3.6.12; v3.7.9; v3.8.4 v3.8.4rc1 v3.8.5 v3.8.6 v3.8.6rc1; v3.9.0 v3.9.0b4 v3.9.0b5 v3.9.0rc1 v3.9.0rc2.

...