3 matches found
Inefficient Algorithmic Complexity
Overview py7zr is a Pure python 7-zip library Affected versions of this package are vulnerable to Inefficient Algorithmic Complexity through the PackInfo.read function. An attacker can cause excessive CPU consumption by providing a crafted archive with a large number of streams, leading to...
CoreDNS 安全漏洞
CoreDNS is a DNS server within the CoreDNS community. Versions of CoreDNS prior to 1.14.3 contained a security vulnerability. This vulnerability stemmed from the DNS-over-QUIC server, where remote clients opened numerous QUIC streams and sent only 1 byte of data. This could lead to unlimited...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the DNS-over-QUIC DoQ server implementation. An attacker can cause uncontrolled memory consumption and potentially crash the system by opening many streams. Note: This is only...