2 matches found
Memory Allocation with Excessive Size Value
Overview Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value via the size parameter in the /rest/getCoverArt and /share/img/ endpoints. An attacker can cause excessive memory allocation and disk exhaustion by supplying an extremely large value, leading ...
PT-2026-6325
Name of the Vulnerable Software and Affected Versions Navidrome versions prior to 0.60.0 Description Navidrome is a web-based music collection server and streamer. A cross-site scripting issue exists in the frontend that allows a malicious attacker to inject code through the comment metadata of a...