Lucene search
K

5 matches found

SUSE Linux
SUSE Linux
added 2025/10/02 7:15 a.m.2 views

Security update for warewulf4

This update for warewulf4 fixes the following issues: Update to version 4.6.4. Security issues fixed: CVE-2025-58058: xz: excessive memory consuption when unpacking a large number of corrupted LZMA archives bsc1248906. Other issues fixed: Convert disk booleans from wwbool to bool which allows boo...

6.9CVSS6.5AI score0.00385EPSS
Exploits0References12
OSV
OSV
added 2025/09/17 5:3 p.m.5 views

GO-2025-3922 Memory leaks when decoding a corrupted multiple LZMA archives in github.com/ulikunitz/xz

Memory leaks when decoding a corrupted multiple LZMA archives in github.com/ulikunitz/xz...

5.3CVSS7AI score0.00385EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2025/09/04 7:16 a.m.5 views

github.com/ulikunitz/xz leaks memory when decoding a corrupted multiple LZMA archives

...

5.3CVSS7AI score0.00385EPSS
Exploits0
CVE
CVE
added 2025/08/28 9:54 p.m.76 views

CVE-2025-58058

CVE-2025-58058 — xz (Go) memory allocation issue : The xz library (Go implementation) prior to 0.5.14 can allocate the full LZMA decoding buffer immediately after reading the header, before detecting improper data prepending to the stream. The LZMA header lacks a mandatory magic/checksum to catch...

5.3CVSS6.6AI score0.00385EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2014/12/16 12:0 a.m.4 views

PT-2014-8957 · Docker +1 · Docker +1

Name of the Vulnerable Software and Affected Versions: Docker version 1.3.2 Description: The issue allows remote attackers to execute arbitrary code with root privileges. This can be achieved via a crafted image or build in a Dockerfile, specifically when the image or build is contained in an LZM...

10CVSS6.8AI score0.06452EPSS
Exploits1References30
Rows per page
Query Builder