3 matches found
Improper Handling of Highly Compressed Data (Data Amplification)
Overview Affected versions of this package are vulnerable to Improper Handling of Highly Compressed Data Data Amplification via the BrotliDecoder.decompress function, which has no limit on how often it calls pull, decompressing data 64K bytes at a time. An attacker can exhaust system memory and...
PT-2025-33667
Name of the Vulnerable Software and Affected Versions: Copier versions prior to 9.9.1 Description: Copier exposes pathlib.Path objects in the Jinja context with unconstrained I/O methods, allowing a safe template to read and write arbitrary files. This renders the security model regarding...
UBUNTU-CVE-2020-29394
A buffer overflow in the dltfilterload function in dltcommon.c from dlt-daemon through 2.18.5 GENIVI Diagnostic Log and Trace allows arbitrary code execution because fscanf is misused no limit on the number of characters to be read in the format argument...