Lucene search
+L

5 matches found

OSV
OSV
added 5 days ago3 views

CVE-2026-45304 Symfony: YAML Parser Exponential Memory Allocation via Recursive Collection-Alias Expansion ("Billion Laughs")

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.52, 6.4.40, 7.4.12, and 8.0.12, Symfony\Component\Yaml\Parser resolved YAML collection aliases recursively, allowing a small untrusted YAML input to expand into a multi-gigabyte structur...

8.7CVSS6.1AI score0.00804EPSS
Exploits0References8
CVE
CVE
added 5 days ago36 views

CVE-2026-45304

CVE-2026-45304 affects Symfony’s YAML Parser (Symfony\Component\Yaml\Parser). Before versions 5.4.52, 6.4.40, 7.4.12, and 8.0.12, the parser resolved YAML collection aliases recursively, enabling a small untrusted YAML input to expand into a multi-gigabyte structure and exhaust memory. Impact is ...

8.7CVSS6.1AI score0.00804EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2026/06/22 2:38 p.m.3 views

SUSE-SU-2026:22258-1 Security update for avahi

This update for avahi fixes the following issues: - CVE-2026-34933: reachable assertion in transportflagsfromdomain can crash the avahi-daemon bsc1261546. - CVE-2026-24401: unsolicited mDNS responses containing a recursive CNAME record can crash the avahi-daemon bsc1257235...

6.5CVSS6.6AI score0.00252EPSS
Exploits1References5
SUSE Linux
SUSE Linux
added 2026/04/17 2:18 p.m.4 views

Security update for avahi

This update for avahi fixes the following issue: CVE-2026-24401: avahi-daemon can be crashed via a segmentation fault by sending an unsolicited mDNS response containing a recursive CNAME record bsc1257235. Patch Instructions: To install this SUSE update use the SUSE recommended installation metho...

6.5CVSS5.7AI score0.00252EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/01/24 12:0 a.m.10 views

PT-2026-4557

Name of the Vulnerable Software and Affected Versions Avahi versions 0.9rc2 and below Description Avahi, a system for service discovery on a local network using mDNS/DNS-SD, is susceptible to a denial-of-service condition. Sending a crafted mDNS response with a recursive CNAME record, where the...

7.8CVSS5.9AI score0.00252EPSS
Exploits0References48
Rows per page
Query Builder