DEBIAN-CVE-2026-41168

pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.1 can craft a PDF which leads to long runtimes. This requires cross-reference streams with wrong large /Size values or object streams with wrong large /N values. This ha...

CVE-2026-34756

vLLM is an inference and serving engine for large language models LLMs. From 0.1.0 to before 0.19.0, a Denial of Service vulnerability exists in the vLLM OpenAI-compatible API server. Due to the lack of an upper bound validation on the n parameter in the ChatCompletionRequest and CompletionReques...

AZL-27020 CVE-2023-2253 affecting package cert-manager for versions less than 1.11.2-14

A flaw was found in the /v2/catalog endpoint in distribution/distribution, which accepts a parameter to control the maximum number of records returned query string: n. This vulnerability allows a malicious user to submit an unreasonably large value for n, causing the allocation of a massive strin...

PT-2023-6953 · Docker +4 · Docker Distribution +4

Name of the Vulnerable Software and Affected Versions: distribution versions prior to 2.8.2-beta.1 Description: A flaw was found in the /v2/ catalog endpoint, which accepts a parameter to control the maximum number of records returned query string: n. This vulnerability allows a malicious user to...

UBUNTU-CVE-2020-28975

DISPUTED svmpredictvalues in svm.cpp in Libsvm v324, as used in scikit-learn 0.23.2 and other products, allows attackers to cause a denial of service segmentation fault via a crafted model SVM introduced via pickle, json, or any other model permanence standard with a large value in the nsupport...