12 matches found
EUVD-2007-2965
Malware in sbrugna...
EUVD-2024-0294
Malicious code in bioql PyPI...
Apache Commons Compress: Denial of service via CPU consumption for malformed TAR file
...
CVE-2024-21651
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. A user able to attach a file to a page can post a malformed TAR file by manipulating file modification times headers, which when parsed by Tika, could cause a denial of service issue via CPU...
CVE-2023-42503
A flaw was found in Apache Commons Compress, where it would permit the creation of a malformed TAR file by manipulating file modification time headers. This issue can lead to excessive CPU consumption and a denial of service, affecting the availability...
XWiki vulnerable to Denial of Service attack through attachments
Impact A user able to attach a file to a page can post a malformed TAR file by manipulating file modification times headers, which when parsed by Tika, could cause a denial of service issue via CPU consumption. Patches This vulnerability has been patched in XWiki 14.10.18, 15.5.3 and 15.8 RC1...
PT-2024-18999 · Xwiki +1 · Xwiki Platform +2
Name of the Vulnerable Software and Affected Versions: XWiki Platform versions prior to 14.10.18 XWiki Platform versions prior to 15.5.3 XWiki Platform versions prior to 15.8 RC1 Description: A user able to attach a file to a page can post a malformed TAR file by manipulating file modification...
Apache Commons Compress denial of service vulnerability
Improper Input Validation, Uncontrolled Resource Consumption vulnerability in Apache Commons Compress in TAR parsing.This issue affects Apache Commons Compress: from 1.22 before 1.24.0. Users are recommended to upgrade to version 1.24.0, which fixes the issue. A third party can create a malformed...
CVE-2023-42503 Apache Commons Compress: Denial of service via CPU consumption for malformed TAR file
Improper Input Validation, Uncontrolled Resource Consumption vulnerability in Apache Commons Compress in TAR parsing.This issue affects Apache Commons Compress: from 1.22 before 1.24.0. Users are recommended to upgrade to version 1.24.0, which fixes the issue. A third party can create a malformed...
CVE-2023-42503
Improper Input Validation, Uncontrolled Resource Consumption vulnerability in Apache Commons Compress in TAR parsing.This issue affects Apache Commons Compress: from 1.22 before 1.24.0. Users are recommended to upgrade to version 1.24.0, which fixes the issue. A third party can create a malformed...
CVE-2002-1109
securetar, as used in AMaViS shell script 0.2.1 and earlier, allows users to cause a denial of service CPU consumption via a malformed TAR file, possibly via an incorrect file size parameter...
CVE-2002-1109
securetar, as used in AMaViS shell script 0.2.1 and earlier, allows users to cause a denial of service CPU consumption via a malformed TAR file, possibly via an incorrect file size parameter...