16 matches found
Denial Of Service (DoS)
github.com/nwaples/rardecode is vulnerable to a Denial-of-Service (DoS). The vulnerability is due to the failure to enforce limits on RAR dictionary sizes, which allows an attacker to supply a specially crafted RAR file that forces excessive memory allocation and triggers an out-of-memory crash...
Linux Distros Unpatched Vulnerability : CVE-2025-11579
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - github.com/nwaples/rardecode versions <=2.1.1 fail to restrict the dictionary size when reading large RAR dictionary sizes, which allows an attacker to provide a...
Exploit for CVE-2025-11579
PoC CVE-2025-11579 Ove...
SUSE CVE-2025-11579
github.com/nwaples/rardecode versions <=2.1.1 fail to restrict the dictionary size when reading large RAR dictionary sizes, which allows an attacker to provide a specially crafted RAR file and cause Denial of Service via an Out Of Memory Crash...
GHSA-RWVP-R38J-9RGG rardecode: DoS risk due to unrestricted RAR dictionary sizes
rardecode versions <= 2.1.1 fail to restrict the dictionary size when reading large RAR dictionary sizes, which allows an attacker to provide a specially crafted RAR file and cause Denial of Service via an Out Of Memory Crash...
EUVD-2025-33711
rardecode: DoS risk due to unrestricted RAR dictionary sizes...
Memory Allocation with Excessive Size Value
Overview: Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value via the maxDictSize parameter when processing large RAR files. An attacker can cause the application to crash or become unresponsive by supplying a specially crafted RAR archive that triggers...
DEBIAN-CVE-2025-11579
github.com/nwaples/rardecode versions <=2.1.1 fail to restrict the dictionary size when reading large RAR dictionary sizes, which allows an attacker to provide a specially crafted RAR file and cause Denial of Service via an Out Of Memory Crash...
CVE-2025-11579
github.com/nwaples/rardecode versions <=2.1.1 fail to restrict the dictionary size when reading large RAR dictionary sizes, which allows an attacker to provide a specially crafted RAR file and cause Denial of Service via an Out Of Memory Crash...
CVE-2025-11579
github.com/nwaples/rardecode versions <=2.1.1 fail to restrict the dictionary size when reading large RAR dictionary sizes, which allows an attacker to provide a specially crafted RAR file and cause Denial of Service via an Out Of Memory Crash...
UBUNTU-CVE-2025-11579
github.com/nwaples/rardecode versions <=2.1.1 fail to restrict the dictionary size when reading large RAR dictionary sizes, which allows an attacker to provide a specially crafted RAR file and cause Denial of Service via an Out Of Memory Crash...
CVE-2025-11579 DoS via Out Of Memory Crash
github.com/nwaples/rardecode versions <=2.1.1 fail to restrict the dictionary size when reading large RAR dictionary sizes, which allows an attacker to provide a specially crafted RAR file and cause Denial of Service via an Out Of Memory Crash...
CVE-2025-11579
github.com/nwaples/rardecode versions <=2.1.1 fail to restrict the dictionary size when reading large RAR dictionary sizes, which allows an attacker to provide a specially crafted RAR file and cause Denial of Service via an Out Of Memory Crash...
CVE-2025-11579
CVE-2025-11579 affects github.com/nwaples/rardecode, versions
rardecode security vulnerability
rardecode is a Go package for reading RAR files by the individual developer Nicholas Waples. A security vulnerability exists in rardecode 2.1.1 and earlier versions. It stems from an unrestricted dictionary size, which allows an attacker to supply a specially crafted RAR file resulting in ...
PT-2025-41556
Name of the Vulnerable Software and Affected Versions: rardecode versions 2.1.1 and earlier. Description: The software does not properly limit the dictionary size when processing RAR files. An attacker can exploit this by providing a specially crafted RAR file with a large dictionary size, leading t...