4 matches found
CVE-2026-44488 Axios: Allocation of Resources Without Limits or Throttling in axios
Axios is a promise based HTTP client for the browser and Node.js. Axios versions 1.7.0 through 1.15.x did not enforce configured request and response size limits when requests were sent with the fetch adapter. Applications that selected adapter: 'fetch', or ran in environments where axios resolve...
CVE-2026-31707
In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate response sizes in ipcvalidatemsg ipcvalidatemsg computes the expected message size for each response type by adding or multiplying attacker-controlled fields from the daemon response to a fixed struct size in...
GO-2026-4726 Mattermost fails to limit the size of responses from integration action endpoints in github.com/mattermost/mattermost-server
Mattermost fails to limit the size of responses from integration action endpoints in github.com/mattermost/mattermost-server. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing...
PT-2021-9103 · Go +5 · Github.Com/Tendermint/Tendermint +2
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to the support of Gzip compression in request bodies and the lack of limiting response body sizes. This can allow a malicious serve...