Lucene search
K

10 matches found

RedhatCVE
RedhatCVE
added 2026/05/27 2:12 a.m.19 views

CVE-2026-7790

A flaw was found in ninenines cowlib, specifically within the cowhttpte module's chunked transfer-encoding parser. An unauthenticated remote attacker can exploit this by sending an HTTP/1.1 request containing a Transfer-Encoding: chunked header with an excessively long hexadecimal string in the...

8.7CVSS5.7AI score0.00431EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/05/18 12:24 p.m.17 views

bouncycastle: BC-JAVA: unbounded PGP AEAD chunk size leads to pre-auth resource exhaustion

A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA bcpg. A specially crafted PGP AEAD Authenticated Encryption with Associated Data message with an unbounded chunk size can lead to an excessive consumption of memory. This issue allows an unauthenticated remote attacker to cause memory...

8.7CVSS5.8AI score0.00758EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/05/18 12:21 p.m.16 views

bouncycastle: BC-JAVA: unbounded PGP AEAD chunk size leads to pre-auth resource exhaustion

A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA bcpg. A specially crafted PGP AEAD Authenticated Encryption with Associated Data message with an unbounded chunk size can lead to an excessive consumption of memory. This issue allows an unauthenticated remote attacker to cause memory...

8.7CVSS5.8AI score0.00758EPSS
Exploits0References5
Microsoft CVE
Microsoft CVE
added 2026/05/15 8:2 a.m.18 views

Unbounded chunk-size hex digits in cowlib cause quadratic CPU and memory DoS

...

8.7CVSS5.8AI score0.00431EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/05/14 4:55 p.m.11 views

bouncycastle: BC-JAVA: unbounded PGP AEAD chunk size leads to pre-auth resource exhaustion

A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA bcpg. A specially crafted PGP AEAD Authenticated Encryption with Associated Data message with an unbounded chunk size can lead to an excessive consumption of memory. This issue allows an unauthenticated remote attacker to cause memory...

8.7CVSS5.8AI score0.00758EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/05/05 7:56 a.m.13 views

bouncycastle: BC-JAVA: unbounded PGP AEAD chunk size leads to pre-auth resource exhaustion

A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA bcpg. A specially crafted PGP AEAD Authenticated Encryption with Associated Data message with an unbounded chunk size can lead to an excessive consumption of memory. This issue allows an unauthenticated remote attacker to cause memory...

8.7CVSS5.8AI score0.00758EPSS
Exploits0References5
OSV
OSV
added 2026/04/15 10:16 a.m.3 views

DEBIAN-CVE-2026-3505

Allocation of resources without limits or throttling, Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpg on all pg modules. This vulnerability is associated with program files AEADEncDataPacket.Java, BcAEADUtil.Java, JceAEADUtil.Java,...

8.7CVSS5.8AI score0.00758EPSS
Exploits0References1
NVD
NVD
added 2026/04/15 10:16 a.m.62 views

CVE-2026-3505

Allocation of resources without limits or throttling, Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpg on all pg modules. This vulnerability is associated with program files AEADEncDataPacket.Java, BcAEADUtil.Java, JceAEADUtil.Java,...

8.7CVSS0.00758EPSS
Exploits0References10
Debian CVE
Debian CVE
added 2026/04/15 9:6 a.m.11 views

CVE-2026-3505

Allocation of resources without limits or throttling, Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpg on all pg modules. This vulnerability is associated with program files AEADEncDataPacket.Java, BcAEADUtil.Java, JceAEADUtil.Java,...

8.7CVSS5.8AI score0.00758EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/04/15 9:6 a.m.5 views

CVE-2026-3505

Allocation of resources without limits or throttling, Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpg on all pg modules. This vulnerability is associated with program files AEADEncDataPacket.Java, BcAEADUtil.Java, JceAEADUtil.Java,...

8.7CVSS5.8AI score0.00758EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder