PT-2026-31348

Name of the Vulnerable Software and Affected Versions: LiquidJS versions prior to 10.25.3 Description: LiquidJS is a template engine. A flaw exists in the 'replace' filter when the 'memoryLimit' option is enabled. The memory usage calculation incorrectly accounts for the size of the output string...

Scrapy: python-scrapy: brotli: Python brotli decompression bomb DoS

Scrapy are vulnerable to a denial of service DoS attack due to a flaw in its brotli decompression implementation. The protection mechanism against decompression bombs fails to mitigate the brotli variant, allowing remote servers to crash clients with less than 80GB of available memory. This occur...

CVE-2024-56544

In the Linux kernel, the following vulnerability has been resolved: udmabuf: change folios array from kmalloc to kvmalloc When PAGESIZE 4096, MAXPAGEORDER 10, 64bit machine, pagealloc only support 4MB. If above this, trigger this warn and return NULL. udmabuf can change size limit, if change it t...

CVE-2024-42317 mm/huge_memory: avoid PMD-size page cache if needed

In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: avoid PMD-size page cache if needed xarray can't support arbitrary page cache size. the largest and supported page cache size is defined as MAXPAGECACHEORDER by commit 099d90642a71 "mm/filemap: make MAXPAGECACHEORD...

CVE-2023-43512

CVE-2023-43512 describes a transient Denial-of-Service in Qualcomm chipsets during GATT service data parsing when the total memory required by multiple services exceeds the available services buffer. Root cause: memory miscalculation during GATT parsing leads to overflow/overread in the handling ...

K15341: BIG-IP ASM Virtual Edition may run out of memory under certain DoS conditions

Security Advisory Description The BIG-IP ASM system limits the maximum number of concurrent requests with large payloads 10,000 bytes or larger by default to 100, using the maxconcurrentlongrequest internal parameter. The BIG-IP ASM system drops new requests with large payloads once this limit is...

CVE-2022-3759

An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.3 before 15.6.7, all versions starting from 15.7 before 15.7.6, all versions starting from 15.8 before 15.8.1. An attacker may upload a crafted CI job artifact zip file in a project that uses dynamic child...

CVE-2021-21607

The CVE-2021-21607 issue affects Jenkins 2.274 and earlier, and Jenkins LTS 2.263.1 and earlier, where graph rendering URLs do not cap the maximum graph size. This can allow crafted or user-requested URLs to exhaust memory, potentially causing Jenkins to experience out-of-memory errors (DoS). A f...

shopify-scripts: Integer Overflow in mrb_ary_set

Hi, I found a crash in mruby. I frankly couldn't reproduce it in mruby-engine. I think it is because of memory limitation, but I'm not sure. Here is a PoC when the size of MRBINT is 32. ruby ary = Array.new0 ary0x7fffffff = 1 $ gdb -q --args ./bin/mruby ./test.rb Reading symbols from...