Lucene search
K

4 matches found

RedHat Linux
RedHat Linux
added 2026/03/30 11:0 a.m.5 views

undertow: OutOfMemory when parsing form data encoding with application/x-www-form-urlencoded

A flaw was found in Undertow that can cause remote denial of service attacks. When the server uses the FormEncodedDataDefinition.doParseStreamSourceChannel method to parse large form data encoding with application/x-www-form-urlencoded, the method will cause an OutOfMemory issue. This flaw allows...

7.5CVSS5.9AI score0.01256EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/03/19 9:49 a.m.9 views

golang: net/url: Memory exhaustion in query parameter parsing in net/url

A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted...

7.5CVSS5.8AI score0.01945EPSS
Exploits0References8
OSV
OSV
added 2026/01/28 8:16 p.m.3 views

CVE-2025-61726

The net/url package does not set a limit on the number of query parameters in a query. While the maximum size of query parameters in URLs is generally limited by the maximum request header size, the net/http.Request.ParseForm method can parse large URL-encoded forms. Parsing a large form containi...

7.5CVSS8.2AI score
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2004/12/23 12:0 a.m.122 views

Fedora Core 2 : php-4.3.10-2.4 (2004-567)

This update includes the latest release of PHP 4.3, including fixes for security issues in the unserializer CVE-2004-1019, exif image parsing CVE-2004-1065, and form upload parsing CVE-2004-0958 and CVE-2004-0959. Note that Tenable Network Security has extracted the preceding description block...

10CVSS7.3AI score0.10042EPSS
Exploits0References1
Rows per page
Query Builder