160 matches found
SUSE CVE-2026-42504
Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU...
Golang 1.25.x < 1.25.11 / 1.26.x < 1.26.4 Multiple Vulnerabilities
The version of Golang running on the remote host is 1.25.x prior to 1.25.11, or 1.26.x prior to 1.26.4. It is, therefore, affected by multiple vulnerabilities: - x509.Certificate.VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name SAN entries. This caus...
EUVD-2026-34039
Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU...
Linux Distros Unpatched Vulnerability : CVE-2026-42504
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU. CVE-2026-42504 Note that Nessus relies on the presen...
UBUNTU-CVE-2026-42504
Decoding a maliciously-crafted MIME header containing many invalid enc...
DEBIAN-CVE-2026-42504
Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU...
CVE-2026-42504
Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU...
CVE-2026-42504
CVE-2026-42504 affects the WordDecoder.DecodeHeader function in the mime package, where decoding a malicious MIME header with many invalid encoded-words leads to quadratic time complexity and potential high CPU usage. Public descriptions identify the root cause as quadratic complexity in that dec...
CVE-2026-42504 Quadratic complexity in WordDecoder.DecodeHeader in mime
Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU...
CVE-2026-42504
Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU...
CVE-2026-42504 Quadratic complexity in WordDecoder.DecodeHeader in mime
Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU...
CVE-2026-42504
Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU...
PT-2026-45874
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description Decoding a maliciously-crafted MIME header containing many invalid encoded-words can lead to excessive CPU consumption. Recommendations At the moment, there is n...
GHSA-VQC8-7275-Q272 Symfony has Email Header Injection via Non-Token Characters in Mime Parameter Names
Description Symfony\Component\Mime\Header\ParameterizedHeader and the related parameter handling reachable from Symfony\Component\Mime\Header\Headers is responsible for serializing structured headers such as Content-Type and Content-Disposition, which carry key=value parameters e.g...
Symfony has Email Header Injection via Non-Token Characters in Mime Parameter Names
Description Symfony\Component\Mime\Header\ParameterizedHeader and the related parameter handling reachable from Symfony\Component\Mime\Header\Headers is responsible for serializing structured headers such as Content-Type and Content-Disposition, which carry key=value parameters e.g...
CVE-2026-33454 Apache Camel: Inbound Header Filter Missing in MailHeaderFilterStrategy Allows Remote Code Execution via MIME Header Injection (CVE-2025-30177 Variant)
The Camel-Mail component is vulnerable to Camel message header injection. The custom header filter strategy used by the component MailHeaderFilterStrategy only filters the 'out' direction via setOutFilterStartsWith, while it does not configure the 'in' direction via setInFilterStartsWith. As a...
MiracleLinux 9 : pcs-0.11.4-7.el9.ML.1 (AXSA:2023-6066:10)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6066:10 advisory. pcs: webpack: Regression of CVE-2023-28154 fixes in the MIRACLE LINUX CVE-2023-2319 rubygem-rack: Denial of service in Multipart MIME parsing...
OneDrive / SharePoint Backup Fails with "Error: Invalid MIME content-length header encountered on read."
Challenge A backup job for OneDrive or SharePoint items processed by Veeam Backup for Microsoft 365 fails when attempting to download certain item versions, displaying the following error: Invalid MIME content-length header encountered on read Cause The issue is related to the download process us...
CVE-2025-20360
Multiple Cisco products are affected by a vulnerability in the Snort 3 HTTP Decoder that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart. This vulnerability is due to a lack of complete error checking when the MIME fields of the HTTP header are...
EUVD-2004-2067
Malware in sbrugna...