Lucene search
K

19 matches found

OSV
OSV
added 2025/08/29 3:38 p.m.6 views

GHSA-4H45-JPVH-6P5J Rancher affected by unauthenticated Denial of Service

Impact A vulnerability has been identified within Rancher Manager in which it did not enforce request body size limits on certain public unauthenticated and authenticated API endpoints. This allows a malicious user to exploit this by sending excessively large payloads, which are fully loaded into...

8.2CVSS6.7AI score0.00482EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/08/29 12:0 a.m.7 views

PT-2025-35332

Name of the Vulnerable Software and Affected Versions Rancher Manager versions 2.9.12, 2.10.9, 2.11.5, and 2.12.1 Description A high-severity Denial of Service DoS flaw exists in Rancher Manager, allowing attackers to crash servers by sending oversized API requests to certain public unauthenticat...

9.9CVSS6.5AI score0.10543EPSS
Exploits21References58
Amazon
Amazon
added 2025/04/29 12:0 a.m.7 views

Medium: containerd

Issue Overview: Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics. After fix, Reader.Read limits the maximum size of header blocks to 1 MiB...

7.5CVSS6.8AI score0.01544EPSS
Exploits0
Amazon
Amazon
added 2025/04/29 12:0 a.m.5 views

Medium: runc

Issue Overview: Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics. After fix, Reader.Read limits the maximum size of header blocks to 1 MiB...

7.5CVSS6.8AI score0.01544EPSS
Exploits0
Amazon
Amazon
added 2025/04/29 12:0 a.m.5 views

Medium: runc

Issue Overview: Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics. After fix, Reader.Read limits the maximum size of header blocks to 1 MiB...

7.5CVSS6.8AI score0.01544EPSS
Exploits0
Amazon
Amazon
added 2025/04/29 12:0 a.m.8 views

Medium: containerd

Issue Overview: Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics. After fix, Reader.Read limits the maximum size of header blocks to 1 MiB...

7.5CVSS6.8AI score0.01544EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2024/05/22 9:48 a.m.3 views

golang: archive/tar: github.com/vbatts/tar-split: unbounded memory consumption when reading headers

A flaw was found in the golang package, where Reader.Read does not set a limit on the maximum size of file headers. After fixing, Reader.Read limits the maximum size of header blocks to 1 MiB. This flaw allows a maliciously crafted archive to cause Read to allocate unbounded amounts of memory,...

7.5CVSS6.6AI score0.01544EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2024/01/10 11:36 a.m.5 views

golang: archive/tar: github.com/vbatts/tar-split: unbounded memory consumption when reading headers

A flaw was found in the golang package, where Reader.Read does not set a limit on the maximum size of file headers. After fixing, Reader.Read limits the maximum size of header blocks to 1 MiB. This flaw allows a maliciously crafted archive to cause Read to allocate unbounded amounts of memory,...

7.5CVSS6.6AI score0.01544EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 3:32 a.m.6 views

SUSE CVE-2022-2879

Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics. After fix, Reader.Read limits the maximum size of header blocks to 1 MiB...

7.5CVSS7.2AI score0.01544EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2023/01/23 3:26 p.m.3 views

golang: archive/tar: github.com/vbatts/tar-split: unbounded memory consumption when reading headers

A flaw was found in the golang package, where Reader.Read does not set a limit on the maximum size of file headers. After fixing, Reader.Read limits the maximum size of header blocks to 1 MiB. This flaw allows a maliciously crafted archive to cause Read to allocate unbounded amounts of memory,...

7.5CVSS6.6AI score0.01544EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2023/01/17 7:29 p.m.7 views

golang: archive/tar: github.com/vbatts/tar-split: unbounded memory consumption when reading headers

A flaw was found in the golang package, where Reader.Read does not set a limit on the maximum size of file headers. After fixing, Reader.Read limits the maximum size of header blocks to 1 MiB. This flaw allows a maliciously crafted archive to cause Read to allocate unbounded amounts of memory,...

7.5CVSS6.6AI score0.01544EPSS
Exploits0References7
OSV
OSV
added 2022/10/14 3:15 p.m.8 views

AZL-41765 CVE-2022-2879 affecting package ig for versions less than 0.29.0-1

Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics. After fix, Reader.Read limits the maximum size of header blocks to 1 MiB...

7.5CVSS6.7AI score0.01544EPSS
Exploits0References1
OSV
OSV
added 2022/10/14 3:15 p.m.8 views

AZL-41786 CVE-2022-2879 affecting package libcontainers-common for versions less than 20240213-2

Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics. After fix, Reader.Read limits the maximum size of header blocks to 1 MiB...

7.5CVSS6.7AI score0.01544EPSS
Exploits0References1
OSV
OSV
added 2022/10/14 3:15 p.m.4 views

DEBIAN-CVE-2022-2879

Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics. After fix, Reader.Read limits the maximum size of header blocks to 1 MiB...

7.5CVSS6.9AI score0.01544EPSS
Exploits0References1
OSV
OSV
added 2022/10/14 3:15 p.m.7 views

AZL-41787 CVE-2022-2879 affecting package skopeo for versions less than 1.14.4-1

Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics. After fix, Reader.Read limits the maximum size of header blocks to 1 MiB...

7.5CVSS6.7AI score0.01544EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2017/06/19 7:13 p.m.6 views

kernel: heap/stack gap jumping via unbounded stack allocations

A flaw was found in the way memory was being allocated on the stack for user space binaries. If heap or different memory region and stack memory regions were adjacent to each other, an attacker could use this flaw to jump over the stack guard gap, cause controlled memory corruption on process sta...

7.4CVSS7AI score0.05186EPSS
Exploits3References6
RedHat Linux
RedHat Linux
added 2017/06/19 6:39 p.m.5 views

kernel: heap/stack gap jumping via unbounded stack allocations

A flaw was found in the way memory was being allocated on the stack for user space binaries. If heap or different memory region and stack memory regions were adjacent to each other, an attacker could use this flaw to jump over the stack guard gap, cause controlled memory corruption on process sta...

7.4CVSS7AI score0.05186EPSS
Exploits3References6
RedHat Linux
RedHat Linux
added 2017/06/19 5:57 p.m.4 views

kernel: heap/stack gap jumping via unbounded stack allocations

A flaw was found in the way memory was being allocated on the stack for user space binaries. If heap or different memory region and stack memory regions were adjacent to each other, an attacker could use this flaw to jump over the stack guard gap, cause controlled memory corruption on process sta...

7.4CVSS7AI score0.05186EPSS
Exploits3References6
RedHat Linux
RedHat Linux
added 2017/06/19 3:46 p.m.5 views

kernel: heap/stack gap jumping via unbounded stack allocations

A flaw was found in the way memory was being allocated on the stack for user space binaries. If heap or different memory region and stack memory regions were adjacent to each other, an attacker could use this flaw to jump over the stack guard gap, cause controlled memory corruption on process sta...

7.4CVSS7AI score0.05186EPSS
Exploits3References6
Rows per page
Query Builder