1525 matches found
EUVD-2026-45213
Helm through 4.2.3, fixed in commit ba6c9a2, contains a denial of service vulnerability in the Files.Lines template helper in pkg/engine/files.go that allows attackers to trigger an index out of range panic by including zero-length byte slices in chart files. Attackers can include empty files in...
CVE-2026-63308
Helm through 4.2.3, fixed in commit ba6c9a2, contains a denial of service vulnerability in the Files.Lines template helper in pkg/engine/files.go that allows attackers to trigger an index out of range panic by including zero-length byte slices in chart files. Attackers can include empty files in...
PT-2026-60806
Helm through 4.2.3, fixed in commit ba6c9a2, contains a denial of service vulnerability in the Files.Lines template helper in pkg/engine/files.go that allows attackers to trigger an index out of range panic by including zero-length byte slices in chart files. Attackers can include empty files in...
CVE-2026-44452
h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. Prior to commit 8dc37cb, when h2o receives a ClientHello message over TLS or QUIC and it contains a zero-length SNI extension, the h2o server runs over the zero-length hostname while trying to copy the hostname, assuming that it ...
CVE-2026-44452 h2o is vulnerable to heap overrun
h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. Prior to commit 8dc37cb, when h2o receives a ClientHello message over TLS or QUIC and it contains a zero-length SNI extension, the h2o server runs over the zero-length hostname while trying to copy the hostname, assuming that it ...
CVE-2026-44452
CVE-2026-44452 affects the h2o HTTP server (supports HTTP/1.x, 2, 3). Affected behavior occurs when a TLS/QUIC ClientHello contains a zero-length SNI extension; h2o can attempt to copy the hostname assuming NULL-termination, causing a heap/segmentation fault that may enable a denial-of-service. T...
CVE-2026-59246 Zero-length HTTP/2 CONTINUATION frames bypass Mint's header-block byte-size cap and exhaust client memory
Allocation of resources without limits vulnerability in elixir-mint mint allows a remote HTTP/2 server to exhaust memory on the client host and cause a denial of service. The Mint.HTTP2.handlecontinuation/3 function in lib/mint/http2.ex accumulates the header-block fragment carried by each HTTP/2...
CVE-2026-59246 Zero-length HTTP/2 CONTINUATION frames bypass Mint's header-block byte-size cap and exhaust client memory
Allocation of resources without limits vulnerability in elixir-mint mint allows a remote HTTP/2 server to exhaust memory on the client host and cause a denial of service. The Mint.HTTP2.handlecontinuation/3 function in lib/mint/http2.ex accumulates the header-block fragment carried by each HTTP/2...
libcurl 8.18.0 < 8.21.0 QUIC UDP Denial of Service (CVE-2026-11352)
The version of libcurl installed on the remote host is 8.18.0 prior to 8.21.0. It is, therefore, affected by a denial of service vulnerability: - An issue in curl's QUIC UDP receive function allows a malicious HTTP/3 server to trigger a remote denial of service against a curl or libcurl client...
kernel: netfilter: nf_conntrack_h323: check for zero length in DecodeQ931()
A flaw was found in the Linux kernel's netfilter subsystem, specifically within the nfconntrackh323 module. This vulnerability occurs in the DecodeQ931 function when processing a zero-length value from a packet. An integer underflow during a length calculation results in a large, incorrect value...
kernel: netfilter: nf_conntrack_h323: check for zero length in DecodeQ931()
A flaw was found in the Linux kernel's netfilter subsystem, specifically within the nfconntrackh323 module. This vulnerability occurs in the DecodeQ931 function when processing a zero-length value from a packet. An integer underflow during a length calculation results in a large, incorrect value...
kernel: netfilter: nf_conntrack_h323: check for zero length in DecodeQ931()
A flaw was found in the Linux kernel's netfilter subsystem, specifically within the nfconntrackh323 module. This vulnerability occurs in the DecodeQ931 function when processing a zero-length value from a packet. An integer underflow during a length calculation results in a large, incorrect value...
SUSE-SU-2026:2747-1 Security update for libarchive
This update for libarchive fixes the following issues - CVE-2025-60753: bsdtar hangs and OOMs with zero-length pattern matches bsc1253088. - CVE-2026-4424: information disclosure via heap out-of-bounds read in RAR archive processing bsc1259928. - CVE-2026-4426: undefined behavior due to unvalidat...
Infinite loop
Overview Affected versions of this package are vulnerable to Infinite loop in the udpreceive process. An attacker can cause the client to enter a busy-loop and become unresponsive by continuously sending zero-length UDP datagrams from a malicious HTTP/3 server. Remediation Upgrade libcurl to...
Dhcpcd: dhcpcd infinite loop and out-of-bounds read via zero-length ipv6 nd option in router advertisement handling
...
CVE-2026-11352 QUIC zero-length UDP datagrams busy-loop
An issue in curl’s QUIC UDP receive function allows a malicious HTTP/3 server to trigger a remote denial of service against a curl or libcurl client. Because the helper function discards zero-length UDP datagrams before counting them toward the per-call packet budget, a connected QUIC peer can...
CVE-2026-11352
The CVE-2026-11352 issue affects curl/libcurl: a bug in the QUIC UDP receive path discards zero-length UDP datagrams instead of counting them toward the per-call budget, enabling a connected HTTP/3 peer to continuously send empty datagrams and cause a remote denial-of-service against curl or libc...
CVE-2026-11352 QUIC zero-length UDP datagrams busy-loop
An issue in curl’s QUIC UDP receive function allows a malicious HTTP/3 server to trigger a remote denial of service against a curl or libcurl client. Because the helper function discards zero-length UDP datagrams before counting them toward the per-call packet budget, a connected QUIC peer can...
Linux Distros Unpatched Vulnerability : CVE-2026-14258
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in dhcpcd's IPv6 Neighbor Discovery Router Advertisement processing. A specially crafted IPv6 Router Advertisement containing a zero-length...
dnsmasq: NSEC bitmap parsing infinite loop
A denial of service vulnerability was discovered in dnsmasq's DNSSEC validation. When parsing NSEC and NSEC3 bitmap records, the window iteration logic fails to account for the 2-byte window header when advancing through the bitmap data. A specially crafted DNS response with a zero-length bitmap...