Lucene search
K

5 matches found

ATTACKERKB
ATTACKERKB
added 2026/06/19 6:45 p.m.4 views

CVE-2026-9375

urllib3 version 2.6.3 is vulnerable to a decompression bomb bypass in its streaming API preloadcontent=False when using Brotli support. The issue arises due to three independent code paths in response.py that bypass the maxlength protection introduced in version 2.6.0 to mitigate CVE-2025-66471...

7.5CVSS7.5AI score0.00304EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/06/19 6:45 p.m.6 views

CVE-2026-9375

urllib3 version 2.6.3 is vulnerable to a decompression bomb bypass in its streaming API preloadcontent=False when using Brotli support. The issue arises due to three independent code paths in response.py that bypass the maxlength protection introduced in version 2.6.0 to mitigate CVE-2025-66471...

7.5CVSS7.5AI score0.00304EPSS
Exploits0
Veracode
Veracode
added 2023/10/25 8:7 a.m.13 views

Denial Of Service (DoS)

encodedid-rails is vulnerable to Denial of service attack. The vulnerability is due to a lack of validation while decoding hashid. Extremely long encoded id's consumes a large amount of CPU and allocates immediate objects. maxlength parameter is introduced to fix this vulnerability which limits t...

7AI score
Exploits0
Github Security Blog
Github Security Blog
added 2023/01/24 3:36 p.m.193 views

ReDoS Vulnerability in ua-parser-js version

Description: A regular expression denial of service ReDoS vulnerability has been discovered in ua-parser-js. Impact: This vulnerability bypass the library's MAXLENGTH input limit prevention. By crafting a very-very-long user-agent string with specific pattern, an attacker can turn the script to g...

7.5CVSS7.9AI score0.01725EPSS
Exploits2References5Affected Software1
Cvelist
Cvelist
added 2023/01/05 12:0 a.m.51 views

CVE-2022-23549 Discourse vulnerable to bypass of post max_length using HTML comments

Discourse is an option source discussion platform. Prior to version 2.8.14 on the stable branch and version 2.9.0.beta16 on the beta and tests-passed branches, users can create posts with raw body longer than the maxlength site setting by including html comments that are not counted toward the...

5.7CVSS6.8AI score0.00575EPSS
Exploits0References2
Rows per page
Query Builder