Lucene search
K

4 matches found

OSV
OSV
added 2026/06/11 3:37 p.m.2 views

CVE-2026-44488 Axios: Allocation of Resources Without Limits or Throttling in axios

Axios is a promise based HTTP client for the browser and Node.js. Axios versions 1.7.0 through 1.15.x did not enforce configured request and response size limits when requests were sent with the fetch adapter. Applications that selected adapter: 'fetch', or ran in environments where axios resolve...

7.5CVSS6AI score0.0063EPSS
Exploits1References31
Debian CVE
Debian CVE
added 2026/05/01 1:56 p.m.5 views

CVE-2026-31707

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate response sizes in ipcvalidatemsg ipcvalidatemsg computes the expected message size for each response type by adding or multiplying attacker-controlled fields from the daemon response to a fixed struct size in...

7.1CVSS5.8AI score0.00125EPSS
Exploits0
OSV
OSV
added 2026/03/26 8:33 p.m.4 views

GO-2026-4726 Mattermost fails to limit the size of responses from integration action endpoints in github.com/mattermost/mattermost-server

Mattermost fails to limit the size of responses from integration action endpoints in github.com/mattermost/mattermost-server. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing...

5.7CVSS5.9AI score0.00165EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2021/04/14 12:0 a.m.2 views

PT-2021-9103 · Go +5 · Github.Com/Tendermint/Tendermint +2

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to the support of Gzip compression in request bodies and the lack of limiting response body sizes. This can allow a malicious serve...

7.5CVSS7AI score0.01134EPSS
Exploits0References15
Rows per page
Query Builder