CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

18 matches found

RedHat Linux•added 2026/06/03 8:19 a.m.•6 views

golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip

A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used in the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause an excessive CPU and memory consumption. A ...

6.5CVSS6.9AI score0.00643EPSS

Exploits1References8

RedHat Linux•added 2026/05/20 11:57 a.m.•10 views

golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip

6.5CVSS6.9AI score0.00643EPSS

Exploits1References8

RedHat Linux•added 2026/03/17 4:1 a.m.•2 views

golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip

6.5CVSS7.1AI score0.00643EPSS

Exploits1References8

RedHat Linux•added 2026/03/05 11:7 a.m.•5 views

golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip

6.5CVSS5.7AI score0.00643EPSS

Exploits1References8

RedHat Linux•added 2026/03/05 7:55 a.m.•5 views

golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip

6.5CVSS5.7AI score0.00643EPSS

Exploits1References8

RedHat Linux•added 2026/03/02 1:34 a.m.•2 views

golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip

6.5CVSS5.7AI score0.00643EPSS

Exploits1References8

RedHat Linux•added 2026/03/02 1:23 a.m.•3 views

golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip

6.5CVSS5.7AI score0.00643EPSS

Exploits1References8

RedHat Linux•added 2026/02/25 11:30 a.m.•3 views

golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip

6.5CVSS5.7AI score0.00643EPSS

Exploits1References8

RedHat Linux•added 2026/02/24 12:1 p.m.•4 views

golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip

6.5CVSS5.7AI score0.00643EPSS

Exploits1References8

RedHat Linux•added 2026/02/24 11:39 a.m.•2 views

golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip

6.5CVSS5.7AI score0.00643EPSS

Exploits1References8

OSV•added 2026/01/28 8:16 p.m.•2 views

CVE-2025-61728

archive/zip uses a super-linear file name indexing algorithm that is invoked the first time a file in an archive is opened. This can lead to a denial of service when consuming a maliciously constructed ZIP archive...

6.5CVSS8.1AI score

Exploits0References5

OSV•added 2026/01/28 8:16 p.m.•3 views

AZL-78929 CVE-2025-61728 affecting package golang 1.25.7-1

6.5CVSS7.3AI score0.00643EPSS

Exploits1References1

OSV•added 2026/01/28 8:16 p.m.•1 views

UBUNTU-CVE-2025-61728

6.5CVSS7.3AI score0.00643EPSS

Exploits1References4

EUVD•added 2026/01/28 7:30 p.m.•4 views

EUVD-2025-206432

6.5CVSS5.9AI score0.00643EPSS

Exploits1References4

Snyk•added 2026/01/28 7:8 p.m.•4 views

Allocation of Resources Without Limits or Throttling

Overview std/archive/zip is a Go standard library package std/archive/zip Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling. Go Vulnerability Report: archive/zip uses a super-linear file name indexing algorithm that is invoked the first time ...

7.5CVSS7.3AI score0.00643EPSS

Exploits1References3

OSV•added 2024/02/10 5:15 a.m.•30 views

CVE-2024-21490

This affects versions of the package angular from 1.3.0. A regular expression used to split the value of the ng-srcset directive is vulnerable to super-linear runtime due to backtracking. With large carefully-crafted input, this can result in catastrophic backtracking and cause a denial of servic...

7.5CVSS7.3AI score0.0181EPSS

Exploits1References6