xz 安全漏洞

xz is a software application. It is used to support reading and writing xz compressed streams. A security vulnerability exists in xz versions prior to 0.5.14, which stems from insufficient detection of the header of LZMA-encoded byte streams and may lead to increased memory consumption...

RHSA-2025:7524 Red Hat Security Advisory: xz security update

Bulletin has no description...

SUSE-SU-2022:1160-1 Security update for xz

This update for xz fixes the following issues: - CVE-2022-1271: Fixed an incorrect escaping of malicious filenames ZDI-CAN-16587. bsc1198062...

xz 安全漏洞

xz is a software application. It is used to support reading and writing xz compressed streams. A security vulnerability exists in versions prior to xz v0.5.8, which stems from the readUvarint function used to read the xz container format may not terminate the loop to provide malicious input...

GO-2020-0016 Infinite loop in github.com/ulikunitz/xz

An attacker can construct a series of bytes such that calling Reader.Read on the bytes could cause an infinite loop. If parsing user supplied input, this may be used as a denial of service vector...