CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

22 matches found

RedhatCVE•added 2026/04/13 9:5 p.m.•3 views

CVE-2026-6100

A flaw was found in Python's decompression modules, including lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile. This vulnerability, a use-after-free, can occur if a program attempts to re-use a decompression object after a memory allocation error, especially when the system is...

9.1CVSS6AI score0.00164EPSS

Exploits0References9

OSV•added 2026/04/13 6:16 p.m.•3 views

UBUNTU-CVE-2026-6100

Use-after-free UAF was possible in the lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile when a memory allocation fails with a MemoryError and the decompression instance is re-used. This scenario can be triggered if the process is under memory pressure. The fix cleans up the dangling...

9.1CVSS5.8AI score0.00164EPSS

Exploits0References11

OSV•added 2026/04/13 5:15 p.m.•5 views

PSF-2026-18

9.1CVSS5.8AI score0.00164EPSS

Exploits0References8

OSV•added 2026/04/13 5:15 p.m.•2 views

PSF-0000-CVE-2026-6100

9.1CVSS5.8AI score0.00164EPSS

Exploits0References6

Positive Technologies•added 2026/04/13 12:0 a.m.•3 views

PT-2026-32487

Name of the Vulnerable Software and Affected Versions CPython affected versions not specified Description A use-after-free UAF issue exists in lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile. This occurs when a memory allocation fails with a MemoryError and the decompression instanc...

9.1CVSS5.7AI score0.00164EPSS

Exploits0References88

OSV•added 2025/05/30 1:15 a.m.•2 views

UBUNTU-CVE-2020-36846

A buffer overflow, as described in CVE-2020-8927, exists in the embedded Brotli library. Versions of IO::Compress::Brotli prior to 0.007 included a version of the brotli library prior to version 1.0.8, where an attacker controlling the input length of a "one-shot" decompression request to a scrip...

9.8CVSS5.9AI score0.0054EPSS

Exploits0References8

OSV•added 2024/03/06 11:0 a.m.•19 views

BIT-DOTNET-SDK-2020-8927 Buffer overflow in Brotli library

A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to update your Brotli...

9.8CVSS7.1AI score0.0054EPSS

Exploits0References15

Tenable Nessus•added 2023/11/06 12:0 a.m.•34 views

Rocky Linux 8 : brotli (RLSA-2021:1702)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2021:1702 advisory. - A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a one-shot decompression request to a...

6.5CVSS7.2AI score0.0031EPSS

Exploits0References3

SUSE CVE•added 2023/02/15 4:1 a.m.•2 views

SUSE CVE-2020-8927

5.3CVSS7.3AI score0.0031EPSS

Exploits0References13

Github Security Blog•added 2022/05/24 5:28 p.m.•45 views

Integer overflow in the bundled Brotli C library

6.5CVSS7.2AI score0.0031EPSS

Exploits0References23Affected Software100

RedHat Linux•added 2022/03/10 4:12 p.m.•3 views

brotli: buffer overflow when input chunk is larger than 2GiB

A buffer overflow flaw was found in the Brotli library where an attacker could control the input length of a "one-shot" decompression request to a script that can trigger a crash. This issue can happen when copying chunks of data larger than 2 GiB...

6.5CVSS7.3AI score0.0031EPSS

Exploits0References4

RedHat Linux•added 2022/03/10 4:12 p.m.•5 views

brotli: buffer overflow when input chunk is larger than 2GiB

6.5CVSS7.3AI score0.0031EPSS

Exploits0References4

RedHat Linux•added 2022/03/10 4:6 p.m.•6 views

brotli: buffer overflow when input chunk is larger than 2GiB

6.5CVSS7.3AI score0.0031EPSS

Exploits0References4

OSV•added 2021/12/20 12:0 p.m.•28 views

RUSTSEC-2021-0131 Integer overflow in the bundled Brotli C library

9.8CVSS7.1AI score0.0054EPSS

Exploits0References4

Tenable Nessus•added 2021/05/26 12:0 a.m.•50 views

Oracle Linux 8 : brotli (ELSA-2021-1702)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-1702 advisory. 1.0.6-3 - Resolves: CVE-2020-8927 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has n...

6.5CVSS7AI score0.0031EPSS

Exploits0References2

RedhatCVE•added 2020/09/15 6:0 p.m.•35 views

CVE-2020-8927

6.5CVSS1.6AI score0.0031EPSS

Exploits0References3

Snyk•added 2020/09/15 10:36 a.m.•2 views

Buffer Overflow

Overview Affected versions of this package are vulnerable to Buffer Overflow. An attacker could control the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. Remediation Upgrade brotli to version...

6.9CVSS6.9AI score0.0031EPSS

Exploits0References2

OSV•added 2020/09/15 10:15 a.m.•4 views

AZL-6341 CVE-2020-8927 affecting package brotli for versions less than 1.0.7-10

6.5CVSS7AI score0.0031EPSS

Exploits0References1

OSV•added 2020/09/15 10:15 a.m.•2 views

ALPINE-CVE-2020-8927

6.5CVSS7.3AI score0.0031EPSS

Exploits0References1

OSV•added 2020/09/15 10:15 a.m.•2 views

DEBIAN-CVE-2020-8927