Lucene search
K

234 matches found

OSV
OSV
added 2026/03/07 9:16 a.m.5 views

ALPINE-CVE-2026-2219

It was discovered that dpkg-deb a component of dpkg, the Debian package management system does not properly validate the end of the data stream when uncompressing a zstd-compressed .deb archive, which may result in denial of service infinite loop spinning the CPU...

7.5CVSS5.4AI score0.00418EPSS
Exploits0References1
NVD
NVD
added 2026/03/07 9:16 a.m.10 views

CVE-2026-2219

It was discovered that dpkg-deb a component of dpkg, the Debian package management system does not properly validate the end of the data stream when uncompressing a zstd-compressed .deb archive, which may result in denial of service infinite loop spinning the CPU...

7.5CVSS0.00418EPSS
Exploits0References2
OSV
OSV
added 2026/03/07 9:16 a.m.6 views

UBUNTU-CVE-2026-2219

It was discovered that dpkg-deb a component of dpkg, the Debian package management system does not properly validate the end of the data stream when uncompressing a zstd-compressed .deb archive, which may result in denial of service infinite loop spinning the CPU...

7.5CVSS5.8AI score0.00418EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/07 8:10 a.m.34 views

CVE-2026-2219

It was discovered that dpkg-deb a component of dpkg, the Debian package management system does not properly validate the end of the data stream when uncompressing a zstd-compressed .deb archive, which may result in denial of service infinite loop spinning the CPU...

0.00418EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/07 8:10 a.m.4 views

CVE-2026-2219

It was discovered that dpkg-deb a component of dpkg, the Debian package management system does not properly validate the end of the data stream when uncompressing a zstd-compressed .deb archive, which may result in denial of service infinite loop spinning the CPU...

5.8AI score0.00418EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/07 12:0 a.m.5 views

PT-2026-23848

Name of the Vulnerable Software and Affected Versions dpkg-deb affected versions not specified Description The dpkg-deb component of the Debian package management system does not properly validate the end of the data stream when uncompressing a zstd-compressed .deb archive. This can lead to a...

7.5CVSS5.8AI score0.00418EPSS
Exploits0References30
OpenVAS
OpenVAS
added 2026/01/15 12:0 a.m.4 views

Ubuntu: Security Advisory (USN-7927-3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.9CVSS6.8AI score0.00622EPSS
Exploits0References3
Ubuntu
Ubuntu
added 2026/01/13 2:36 p.m.3 views

USN-7927-3: urllib3 regression

USN-7927-1 fixed vulnerabilities in urllib3. The update for CVE-2025-66471 introduced a regression in urllib3 when decompressing zstd data. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Illia Volochii discovered that urllib3 did not limit the steps ...

8.9CVSS7.4AI score0.00622EPSS
Exploits0References1
OSV
OSV
added 2026/01/13 2:36 p.m.5 views

USN-7927-3 python-urllib3 regression

USN-7927-1 fixed vulnerabilities in urllib3. The update for CVE-2025-66471 introduced a regression in urllib3 when decompressing zstd data. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Illia Volochii discovered that urllib3 did not limit the steps ...

8.9CVSS6.7AI score0.00622EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/01/13 2:1 p.m.4 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: erofs: Avoid infinite loops due to incomplete zstd-compressed data. Currently, the decompression logic incorrectly processes compressed data if the data is truncated in crafted deliberately corrupted images...

5.9AI score0.00166EPSS
Exploits0References3
OSV
OSV
added 2026/01/12 9:26 p.m.6 views

USN-7927-2 python-urllib3 regression

USN-7927-1 fixed vulnerabilities in urllib3. The update for CVE-2025-66471 introduced a regression in the zstd decompression component inside urllib3. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Illia Volochii discovered that urllib3 did not limit...

8.9CVSS6.7AI score0.00622EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/12/20 12:0 a.m.3 views

SUSE SLES15 / openSUSE 15 Security Update : netty (SUSE-SU-2025:4489-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:4489-1 advisory. Update to upstream version 4.1.130. Security issues fixed: - CVE-2025-67735: lack of URI sanitization in HttpRequestEncoder allows for CRL...

6.5CVSS7.7AI score0.00292EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2025/12/17 12:25 a.m.6 views

SUSE CVE-2025-68210

In the Linux kernel, the following vulnerability has been resolved: erofs: avoid infinite loop due to incomplete zstd-compressed data Currently, the decompression logic incorrectly spins if compressed data is truncated in crafted deliberately corrupted images...

5.5CVSS6.5AI score0.00166EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2025/12/17 12:24 a.m.4 views

SUSE CVE-2025-68262

In the Linux kernel, the following vulnerability has been resolved: crypto: zstd - fix double-free in per-CPU stream cleanup The crypto/zstd module has a double-free bug that occurs when multiple tfms are allocated and freed. The issue happens because zstdstreams per-CPU contexts are freed in...

5.5CVSS6.6AI score0.00169EPSS
Exploits0References3
EUVD
EUVD
added 2025/12/16 3:30 p.m.4 views

EUVD-2025-203748

In the Linux kernel, the following vulnerability has been resolved: crypto: zstd - fix double-free in per-CPU stream cleanup The crypto/zstd module has a double-free bug that occurs when multiple tfms are allocated and freed. The issue happens because zstdstreams per-CPU contexts are freed in...

6AI score0.00169EPSS
Exploits0References4
EUVD
EUVD
added 2025/12/16 3:30 p.m.5 views

EUVD-2025-203686

In the Linux kernel, the following vulnerability has been resolved: erofs: avoid infinite loop due to incomplete zstd-compressed data Currently, the decompression logic incorrectly spins if compressed data is truncated in crafted deliberately corrupted images...

6AI score0.00166EPSS
Exploits0References4
NVD
NVD
added 2025/12/16 3:15 p.m.6 views

CVE-2025-68262

In the Linux kernel, the following vulnerability has been resolved: crypto: zstd - fix double-free in per-CPU stream cleanup The crypto/zstd module has a double-free bug that occurs when multiple tfms are allocated and freed. The issue happens because zstdstreams per-CPU contexts are freed in...

0.00169EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2025/12/16 3:15 p.m.2 views

CVE-2025-68262

In the Linux kernel, the following vulnerability has been resolved: crypto: zstd - fix double-free in per-CPU stream cleanup The crypto/zstd module has a double-free bug that occurs when multiple tfms are allocated and freed. The issue happens because zstdstreams per-CPU contexts are freed in...

5.7AI score0.00169EPSS
Exploits0References11
OSV
OSV
added 2025/12/16 3:15 p.m.2 views

UBUNTU-CVE-2025-68262

In the Linux kernel, the following vulnerability has been resolved: crypto: zstd - fix double-free in per-CPU stream cleanup The crypto/zstd module has a double-free bug that occurs when multiple tfms are allocated and freed. The issue happens because zstdstreams per-CPU contexts are freed in...

5.7AI score0.00169EPSS
Exploits0References12
Cvelist
Cvelist
added 2025/12/16 2:45 p.m.27 views

CVE-2025-68262 crypto: zstd - fix double-free in per-CPU stream cleanup

In the Linux kernel, the following vulnerability has been resolved: crypto: zstd - fix double-free in per-CPU stream cleanup The crypto/zstd module has a double-free bug that occurs when multiple tfms are allocated and freed. The issue happens because zstdstreams per-CPU contexts are freed in...

0.00169EPSS
Exploits0References3
Rows per page
Query Builder