5 matches found
CVE-2026-45304 Symfony: YAML Parser Exponential Memory Allocation via Recursive Collection-Alias Expansion ("Billion Laughs")
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.52, 6.4.40, 7.4.12, and 8.0.12, Symfony\Component\Yaml\Parser resolved YAML collection aliases recursively, allowing a small untrusted YAML input to expand into a multi-gigabyte structur...
CVE-2026-45304
CVE-2026-45304 affects Symfony’s YAML Parser (Symfony\Component\Yaml\Parser). Before versions 5.4.52, 6.4.40, 7.4.12, and 8.0.12, the parser resolved YAML collection aliases recursively, enabling a small untrusted YAML input to expand into a multi-gigabyte structure and exhaust memory. Impact is ...
SUSE-SU-2026:22258-1 Security update for avahi
This update for avahi fixes the following issues: - CVE-2026-34933: reachable assertion in transportflagsfromdomain can crash the avahi-daemon bsc1261546. - CVE-2026-24401: unsolicited mDNS responses containing a recursive CNAME record can crash the avahi-daemon bsc1257235...
Security update for avahi
This update for avahi fixes the following issue: CVE-2026-24401: avahi-daemon can be crashed via a segmentation fault by sending an unsolicited mDNS response containing a recursive CNAME record bsc1257235. Patch Instructions: To install this SUSE update use the SUSE recommended installation metho...
PT-2026-4557
Name of the Vulnerable Software and Affected Versions Avahi versions 0.9rc2 and below Description Avahi, a system for service discovery on a local network using mDNS/DNS-SD, is susceptible to a denial-of-service condition. Sending a crafted mDNS response with a recursive CNAME record, where the...