CWE-409
AllowedImproper Handling of Highly Compressed Data (Data Amplification)
Abstraction: Base · Status: Incomplete
The product does not handle or incorrectly handles a compressed input with a very high compression ratio that produces a large output.
148 vulnerabilities reference this CWE, most recent first.
GHSA-Q432-RMQV-HH8M
Vulnerability from github – Published: 2026-06-06 12:31 – Updated: 2026-06-09 09:32Protocol::HTTP2 versions through 1.12 for Perl is vulnerable to a HTTP/2 Bomb.
Protocol::HTTP2's inbound HPACK path has no header-list size limit, so a small HTTP/2 request can expand into large server memory (the "HTTP/2 bomb").
The headers_decode method materialises a full key+value copy per indexed reference with no running size check, and the stream_header_block_add method appends (since version 1.12) every CONTINUATION frame to the per-stream buffer unbounded.
MAX_HEADER_LIST_SIZE (default 65536) is advertised in SETTINGS but never consulted on decode. It is absent from the decoder and from the :limits export tag.
{
"affected": [],
"aliases": [
"CVE-2026-10725"
],
"database_specific": {
"cwe_ids": [
"CWE-409"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-06T10:16:25Z",
"severity": "HIGH"
},
"details": "Protocol::HTTP2 versions through 1.12 for Perl is vulnerable to a HTTP/2 Bomb.\n\nProtocol::HTTP2\u0027s inbound HPACK path has no header-list size limit, so a small HTTP/2 request can expand into large server memory (the \"HTTP/2 bomb\").\n\nThe headers_decode method materialises a full key+value copy per indexed reference with no running size check, and the stream_header_block_add method appends (since version 1.12) every CONTINUATION frame to the per-stream buffer unbounded.\n\nMAX_HEADER_LIST_SIZE (default 65536) is advertised in SETTINGS but never consulted on decode. It is absent from the decoder and from the :limits export tag.",
"id": "GHSA-q432-rmqv-hh8m",
"modified": "2026-06-09T09:32:06Z",
"published": "2026-06-06T12:31:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-10725"
},
{
"type": "WEB",
"url": "https://github.com/vlet/p5-Protocol-HTTP2/commit/822bf22224adbd662e8d0b865eeacb2b294d16cd.patch"
},
{
"type": "WEB",
"url": "https://metacpan.org/release/CRUX/Protocol-HTTP2-1.12/source/lib/Protocol/HTTP2/HeaderCompression.pm#L133"
},
{
"type": "WEB",
"url": "https://metacpan.org/release/CRUX/Protocol-HTTP2-1.12/source/lib/Protocol/HTTP2/Stream.pm#L414"
},
{
"type": "WEB",
"url": "https://metacpan.org/release/CRUX/Protocol-HTTP2-1.13/changes"
},
{
"type": "WEB",
"url": "https://security.metacpan.org/patches/P/Protocol-HTTP2/1.12/CVE-2026-10725-r1.patch"
},
{
"type": "WEB",
"url": "https://security.metacpan.org/patches/P/Protocol-HTTP2/1.12/CVE-2026-10725-r2.patch"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2026/06/06/7"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-QRVQ-68C2-7GRW
Vulnerability from github – Published: 2026-02-24 16:04 – Updated: 2026-02-27 20:03Impact
The WebSockets handling of NATS messages handles compressed messages via the WebSockets negotiated compression. The implementation bound the memory size of a NATS message but did not independently bound the memory consumption of the memory stream when constructing a NATS message which might then fail validation for size reasons.
An attacker can use a compression bomb to cause excessive memory consumption, often resulting in the operating system terminating the server process.
The use of compression is negotiated before authentication, so this does not require valid NATS credentials to exploit.
The fix was to bounds the decompression to fail once the message was too large, instead of continuing on.
Patches
This was released in nats-server without being highlighted as a security issue. It should have been, this was an oversight. Per the NATS security policy, because this does not require a valid user, it is CVE-worthy.
This was fixed in the v2.11 series with v2.11.12 and in the v2.12 series with v2.12.3.
Workarounds
This only affects deployments which use WebSockets and which expose the network port to untrusted end-points.
References
This was reported to the NATS maintainers by Pavel Kohout of Aisle Research (www.aisle.com).
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/nats-io/nats-server/v2"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.11.12"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Go",
"name": "github.com/nats-io/nats-server/v2"
},
"ranges": [
{
"events": [
{
"introduced": "2.12.0-RC.1"
},
{
"fixed": "2.12.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Go",
"name": "github.com/nats-io/nats-server"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.4.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-27571"
],
"database_specific": {
"cwe_ids": [
"CWE-409",
"CWE-770"
],
"github_reviewed": true,
"github_reviewed_at": "2026-02-24T16:04:53Z",
"nvd_published_at": "2026-02-24T17:29:03Z",
"severity": "MODERATE"
},
"details": "### Impact\n\nThe WebSockets handling of NATS messages handles compressed messages via the WebSockets negotiated compression. The implementation bound the memory size of a NATS message but did not independently bound the memory consumption of the memory stream when constructing a NATS message which might then fail validation for size reasons.\n\nAn attacker can use a compression bomb to cause excessive memory consumption, often resulting in the operating system terminating the server process.\n\nThe use of compression is negotiated before authentication, so this does not require valid NATS credentials to exploit.\n\nThe fix was to bounds the decompression to fail once the message was too large, instead of continuing on.\n\n### Patches\n\nThis was released in nats-server without being highlighted as a security issue. It should have been, this was an oversight. Per the NATS security policy, because this does not require a valid user, it is CVE-worthy.\n\nThis was fixed in the v2.11 series with v2.11.12 and in the v2.12 series with v2.12.3.\n\n### Workarounds\n\nThis only affects deployments which use WebSockets and which expose the network port to untrusted end-points.\n\n### References\n\nThis was reported to the NATS maintainers by Pavel Kohout of Aisle Research (www.aisle.com).",
"id": "GHSA-qrvq-68c2-7grw",
"modified": "2026-02-27T20:03:26Z",
"published": "2026-02-24T16:04:53Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/nats-io/nats-server/security/advisories/GHSA-qrvq-68c2-7grw"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27571"
},
{
"type": "WEB",
"url": "https://github.com/nats-io/nats-server/commit/f77fb7c4535e6727cc1a2899cd8e6bbdd8ba2017"
},
{
"type": "PACKAGE",
"url": "https://github.com/nats-io/nats-server"
},
{
"type": "WEB",
"url": "https://github.com/nats-io/nats-server/releases/tag/v2.11.12"
},
{
"type": "WEB",
"url": "https://github.com/nats-io/nats-server/releases/tag/v2.12.3"
},
{
"type": "WEB",
"url": "https://pkg.go.dev/vuln/GO-2026-4533"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "nats-server websockets are vulnerable to pre-auth memory DoS"
}
GHSA-R3XG-RG9J-67FV
Vulnerability from github – Published: 2026-06-03 21:13 – Updated: 2026-06-03 21:13Impact
The METS-GBS backend's XML parsing and the input document format detection lacked security controls, enabling: - XML External Entity (XXE) attacks to read local files or cause denial of service - Decompression bombs (zip bombs) to exhaust memory and disk space - Unbounded archive extraction consuming system resources
An attacker could craft malicious METS-GBS archives that, when processed, could read sensitive files, exhaust system resources, or cause application crashes.
Patches
Fixed in version 2.91.0. The fix implements:
- Secure XML parsing with resolve_entities=False, load_dtd=False, and no_network=True
- Configurable limits: 300 MB total extraction size, 10 MB per file, 1000 member count
- Cumulative size tracking across all extractions
- Early termination when limits are exceeded
- Secure format detection of METS-GBS tar archives with _detect_mets_gbs() method: maximum file size (10 MB per file), maximum member count (1000 members), and exception handling to gracefully fail when limits are exceeded
Workarounds
Avoid processing METS-GBS archives from untrusted sources. If necessary, pre-validate archives in an isolated environment with resource limits.
References
- Fix release: v2.91.0
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "docling"
},
"ranges": [
{
"events": [
{
"introduced": "2.45.0"
},
{
"fixed": "2.91.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-44018"
],
"database_specific": {
"cwe_ids": [
"CWE-409",
"CWE-611",
"CWE-776"
],
"github_reviewed": true,
"github_reviewed_at": "2026-06-03T21:13:32Z",
"nvd_published_at": null,
"severity": "MODERATE"
},
"details": "### Impact\nThe METS-GBS backend\u0027s XML parsing and the input document format detection lacked security controls, enabling:\n- XML External Entity (XXE) attacks to read local files or cause denial of service\n- Decompression bombs (zip bombs) to exhaust memory and disk space\n- Unbounded archive extraction consuming system resources\n\nAn attacker could craft malicious METS-GBS archives that, when processed, could read sensitive files, exhaust system resources, or cause application crashes.\n\n### Patches\nFixed in version 2.91.0. The fix implements:\n- Secure XML parsing with `resolve_entities=False`, `load_dtd=False`, and `no_network=True`\n- Configurable limits: 300 MB total extraction size, 10 MB per file, 1000 member count\n- Cumulative size tracking across all extractions\n- Early termination when limits are exceeded\n- Secure format detection of METS-GBS tar archives with `_detect_mets_gbs()` method: maximum file size (10 MB per file), maximum member count (1000 members), and exception handling to gracefully fail when limits are exceeded\n\n### Workarounds\nAvoid processing METS-GBS archives from untrusted sources. If necessary, pre-validate archives in an isolated environment with resource limits.\n\n### References\n- Fix release: [v2.91.0](https://github.com/docling-project/docling/releases/tag/v2.91.0)",
"id": "GHSA-r3xg-rg9j-67fv",
"modified": "2026-06-03T21:13:33Z",
"published": "2026-06-03T21:13:32Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/docling-project/docling/security/advisories/GHSA-r3xg-rg9j-67fv"
},
{
"type": "PACKAGE",
"url": "https://github.com/docling-project/docling"
},
{
"type": "WEB",
"url": "https://github.com/docling-project/docling/releases/tag/v2.91.0"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "Docling: Unsafe Archive Extraction and XML Parsing in METS-GBS Backend"
}
GHSA-R44J-6VWC-M7HX
Vulnerability from github – Published: 2026-03-21 03:31 – Updated: 2026-03-21 03:31OpenClaw versions prior to 2026.3.2 contain an archive extraction vulnerability in the tar.bz2 installer path that bypasses safety checks enforced on other archive formats. Attackers can craft malicious tar.bz2 skill archives to bypass special-entry blocking and extracted-size guardrails, causing local denial of service during skill installation.
{
"affected": [],
"aliases": [
"CVE-2026-32044"
],
"database_specific": {
"cwe_ids": [
"CWE-409"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-03-21T01:17:06Z",
"severity": "MODERATE"
},
"details": "OpenClaw versions prior to 2026.3.2 contain an archive extraction vulnerability in the tar.bz2 installer path that bypasses safety checks enforced on other archive formats. Attackers can craft malicious tar.bz2 skill archives to bypass special-entry blocking and extracted-size guardrails, causing local denial of service during skill installation.",
"id": "GHSA-r44j-6vwc-m7hx",
"modified": "2026-03-21T03:31:13Z",
"published": "2026-03-21T03:31:13Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-77hf-7fqf-f227"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32044"
},
{
"type": "WEB",
"url": "https://github.com/openclaw/openclaw/commit/0dbb92dd2bcf9a32379d11c0f11ed016669dae3e"
},
{
"type": "WEB",
"url": "https://www.vulncheck.com/advisories/openclaw-tar-archive-safety-bypass-in-skills-installation"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-R7FM-3PQM-WW5W
Vulnerability from github – Published: 2025-07-10 17:50 – Updated: 2025-07-10 23:21Impact
When decoding a scenario (i.e. a zip archive), the size of the decoded content is not checked, potentially leading to zip bombs decompression. Exploitation does not require authentication nor authorization, so anyone can exploit it. It should nonetheless not be exploitable as it is highly recommended to bury Chall-Manager deep within the infrastructure due to its large capabilities, so no users could reach the system.
Patches
Patch has been implemented by commit 14042aa and shipped in v0.1.4.
Workarounds
No workaround exist.
References
N/A.
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/ctfer-io/chall-manager"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.1.4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-53633"
],
"database_specific": {
"cwe_ids": [
"CWE-405",
"CWE-409"
],
"github_reviewed": true,
"github_reviewed_at": "2025-07-10T17:50:25Z",
"nvd_published_at": "2025-07-10T20:15:27Z",
"severity": "HIGH"
},
"details": "### Impact\n\nWhen decoding a scenario (i.e. a zip archive), the size of the decoded content is not checked, potentially leading to zip bombs decompression.\nExploitation does not require authentication nor authorization, so anyone can exploit it. It should nonetheless not be exploitable as it is highly recommended to bury Chall-Manager deep within the infrastructure due to its large capabilities, so no users could reach the system.\n\n### Patches\n\nPatch has been implemented by [commit `14042aa`](https://github.com/ctfer-io/chall-manager/commit/14042aa66a577caee777e10fe09adcf2587d20dd) and shipped in [`v0.1.4`](https://github.com/ctfer-io/chall-manager/releases/tag/v0.1.4).\n\n### Workarounds\n\nNo workaround exist.\n\n### References\n\nN/A.",
"id": "GHSA-r7fm-3pqm-ww5w",
"modified": "2025-07-10T23:21:54Z",
"published": "2025-07-10T17:50:25Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/ctfer-io/chall-manager/security/advisories/GHSA-r7fm-3pqm-ww5w"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53633"
},
{
"type": "WEB",
"url": "https://github.com/ctfer-io/chall-manager/commit/14042aa66a577caee777e10fe09adcf2587d20dd"
},
{
"type": "PACKAGE",
"url": "https://github.com/ctfer-io/chall-manager"
},
{
"type": "WEB",
"url": "https://github.com/ctfer-io/chall-manager/releases/tag/v0.1.4"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Chall-Manager\u0027s scenario decoding process does not check for zip bombs"
}
GHSA-RMQV-7V3J-MR7P
Vulnerability from github – Published: 2024-04-16 00:30 – Updated: 2024-04-16 14:04Duplicate Advisory
This advisory has been withdrawn because it is a duplicate of GHSA-7j7m-v7m3-jqm7. This link is maintained to preserve external references.
Original Description
The scrapy/scrapy project is vulnerable to XML External Entity (XXE) attacks due to the use of lxml.etree.fromstring for parsing untrusted XML data without proper validation. This vulnerability allows attackers to perform denial of service attacks, access local files, generate network connections, or circumvent firewalls by submitting specially crafted XML data.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "scrapy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.11.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [],
"database_specific": {
"cwe_ids": [
"CWE-409"
],
"github_reviewed": true,
"github_reviewed_at": "2024-04-16T12:42:26Z",
"nvd_published_at": "2024-04-16T00:15:12Z",
"severity": "HIGH"
},
"details": "## Duplicate Advisory\nThis advisory has been withdrawn because it is a duplicate of GHSA-7j7m-v7m3-jqm7. This link is maintained to preserve external references.\n\n## Original Description\nThe scrapy/scrapy project is vulnerable to XML External Entity (XXE) attacks due to the use of lxml.etree.fromstring for parsing untrusted XML data without proper validation. This vulnerability allows attackers to perform denial of service attacks, access local files, generate network connections, or circumvent firewalls by submitting specially crafted XML data. ",
"id": "GHSA-rmqv-7v3j-mr7p",
"modified": "2024-04-16T14:04:36Z",
"published": "2024-04-16T00:30:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-3572"
},
{
"type": "WEB",
"url": "https://github.com/scrapy/scrapy/commit/809bfac4890f75fc73607318a04d2ccba71b3d9f"
},
{
"type": "PACKAGE",
"url": "https://github.com/scrapy/scrapy"
},
{
"type": "WEB",
"url": "https://huntr.com/bounties/c4a0fac9-0c5a-4718-9ee4-2d06d58adabb"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "Duplicate Advisory: Scrapy decompression bomb vulnerability",
"withdrawn": "2024-04-16T14:04:36Z"
}
GHSA-RR89-W3H9-M66J
Vulnerability from github – Published: 2026-05-29 17:52 – Updated: 2026-05-29 17:52Impact
Versions of ExifReader from 4.20.0 through 4.38.1 do not bound the size of decompressed metadata blocks. When a caller invokes the asynchronous API (e.g. ExifReader.load(file) or ExifReader.load(buffer, {async: true})) on an attacker-supplied image, a small compressed chunk in the file can expand to hundreds of megabytes of memory, consuming heap and CPU until the process slows down or runs out of memory.
The affected paths share a single decompression utility, so the issue is reachable through any compressed metadata block the library handles asynchronously, including:
- PNG
zTXt, compressediTXt, andiCCPchunks (deflate) - JPEG XL Brotli-compressed Exif and XMP blocks
A typical proof of concept produced roughly 1000× expansion (for example, ~32 KB of compressed input expanded to ~32 MB of output, ~130 KB to ~128 MB).
Both the npm package and the dist/ bundle published from this repository (consumed by Bower and other users of the prebuilt artifact) are affected.
Patches
Fixed in 4.39.0. The decompression utility now reads the decompressed stream incrementally and aborts as soon as the running total would exceed a configurable limit. The default cap is 128 MiB per metadata block, which is well above any realistic legitimate value. When a block exceeds the cap, that block is skipped (a warning is emitted via console.warn) and the remaining tags are returned as usual.
The cap is configurable via the new maxDecompressedSize field on the decompress option, in bytes:
const tags = await ExifReader.load(file, {
async: true,
decompress: {
maxDecompressedSize: 16 * 1024 * 1024 // 16 MiB
}
});
The same cap applies to results returned by user-supplied custom brotli/deflate functions.
Workarounds
- If upgrading is not possible, avoid invoking the asynchronous API on untrusted inputs. The synchronous code path skips compressed metadata blocks entirely and is not affected. Alternatively, pre-validate input files by source or size before passing them to ExifReader.
Resources
- Reporter's writeup: https://gist.github.com/yuki-matsuhashi/cad1a45d936062438b4ab24613c34c55
- Patch: https://github.com/mattiasw/ExifReader/commit/5f116128adc19f674902f8bf582bfe7dd0a36375
- README — "Limiting decompressed metadata size": https://github.com/mattiasw/ExifReader/blob/main/README.md#limiting-decompressed-metadata-size
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "exifreader"
},
"ranges": [
{
"events": [
{
"introduced": "4.20.0"
},
{
"fixed": "4.39.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-8814"
],
"database_specific": {
"cwe_ids": [
"CWE-409"
],
"github_reviewed": true,
"github_reviewed_at": "2026-05-29T17:52:26Z",
"nvd_published_at": "2026-05-19T07:16:30Z",
"severity": "MODERATE"
},
"details": "### Impact\n\nVersions of ExifReader from 4.20.0 through 4.38.1 do not bound the size of decompressed metadata blocks. When a caller invokes the asynchronous API (e.g. `ExifReader.load(file)` or `ExifReader.load(buffer, {async: true})`) on an attacker-supplied image, a small compressed chunk in the file can expand to hundreds of megabytes of memory, consuming heap and CPU until the process slows down or runs out of memory.\n\nThe affected paths share a single decompression utility, so the issue is reachable through any compressed metadata block the library handles asynchronously, including:\n\n- PNG `zTXt`, compressed `iTXt`, and `iCCP` chunks (deflate)\n- JPEG XL Brotli-compressed Exif and XMP blocks\n\nA typical proof of concept produced roughly 1000\u00d7 expansion (for example, ~32 KB of compressed input expanded to ~32 MB of output, ~130 KB to ~128 MB).\n\nBoth the npm package and the `dist/` bundle published from this repository (consumed by Bower and other users of the prebuilt artifact) are affected.\n\n### Patches\n\nFixed in **4.39.0**. The decompression utility now reads the decompressed stream incrementally and aborts as soon as the running total would exceed a configurable limit. The default cap is **128 MiB** per metadata block, which is well above any realistic legitimate value. When a block exceeds the cap, that block is skipped (a warning is emitted via `console.warn`) and the remaining tags are returned as usual.\n\nThe cap is configurable via the new `maxDecompressedSize` field on the `decompress` option, in bytes:\n\n```javascript\nconst tags = await ExifReader.load(file, {\n async: true,\n decompress: {\n maxDecompressedSize: 16 * 1024 * 1024 // 16 MiB\n }\n});\n```\n\nThe same cap applies to results returned by user-supplied custom `brotli`/`deflate` functions.\n\n### Workarounds\n\n- If upgrading is not possible, avoid invoking the asynchronous API on untrusted inputs. The synchronous code path skips compressed metadata blocks entirely and is not affected. Alternatively, pre-validate input files by source or size before passing them to ExifReader.\n\n### Resources\n\n- Reporter\u0027s writeup: https://gist.github.com/yuki-matsuhashi/cad1a45d936062438b4ab24613c34c55\n- Patch: https://github.com/mattiasw/ExifReader/commit/5f116128adc19f674902f8bf582bfe7dd0a36375\n- README \u2014 \"Limiting decompressed metadata size\": https://github.com/mattiasw/ExifReader/blob/main/README.md#limiting-decompressed-metadata-size",
"id": "GHSA-rr89-w3h9-m66j",
"modified": "2026-05-29T17:52:26Z",
"published": "2026-05-29T17:52:26Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/mattiasw/ExifReader/security/advisories/GHSA-rr89-w3h9-m66j"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-8814"
},
{
"type": "WEB",
"url": "https://github.com/mattiasw/ExifReader/commit/5f116128adc19f674902f8bf582bfe7dd0a36375"
},
{
"type": "WEB",
"url": "https://gist.github.com/yuki-matsuhashi/cad1a45d936062438b4ab24613c34c55"
},
{
"type": "PACKAGE",
"url": "https://github.com/mattiasw/ExifReader"
},
{
"type": "WEB",
"url": "https://security.snyk.io/vuln/SNYK-JS-EXIFREADER-16689340"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P",
"type": "CVSS_V4"
}
],
"summary": "ExifReader is vulnerable to denial of service via unbounded decompression of image metadata"
}
GHSA-V464-R2R9-WWW7
Vulnerability from github – Published: 2025-03-20 12:32 – Updated: 2025-03-21 17:25An Out-Of-Memory (OOM) vulnerability exists in the ollama server version 0.3.14. This vulnerability can be triggered when a malicious API server responds with a gzip bomb HTTP response, leading to the ollama server crashing. The vulnerability is present in the makeRequestWithRetry and getAuthorizationToken functions, which use io.ReadAll to read the response body. This can result in excessive memory usage and a Denial of Service (DoS) condition.
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/ollama/ollama"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "0.3.14"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-12886"
],
"database_specific": {
"cwe_ids": [
"CWE-400",
"CWE-409"
],
"github_reviewed": true,
"github_reviewed_at": "2025-03-21T17:25:07Z",
"nvd_published_at": "2025-03-20T10:15:31Z",
"severity": "HIGH"
},
"details": "An Out-Of-Memory (OOM) vulnerability exists in the `ollama` server version 0.3.14. This vulnerability can be triggered when a malicious API server responds with a gzip bomb HTTP response, leading to the `ollama` server crashing. The vulnerability is present in the `makeRequestWithRetry` and `getAuthorizationToken` functions, which use `io.ReadAll` to read the response body. This can result in excessive memory usage and a Denial of Service (DoS) condition.",
"id": "GHSA-v464-r2r9-www7",
"modified": "2025-03-21T17:25:07Z",
"published": "2025-03-20T12:32:44Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-12886"
},
{
"type": "PACKAGE",
"url": "https://github.com/ollama/ollama"
},
{
"type": "WEB",
"url": "https://huntr.com/bounties/f115fe52-58af-4844-ad29-b1c25f7245df"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "Ollama Vulnerable to Denial of Service (DoS) via Crafted GZIP"
}
GHSA-V626-428R-43P8
Vulnerability from github – Published: 2026-07-15 12:32 – Updated: 2026-07-15 12:32Grav 2.0.1 contains a decompression-bomb size-cap bypass in ZipArchiver and GPM\Installer. The size bound introduced in 2.0.1 sums the uncompressed size declared in each entry's ZIP central-directory header (ZipArchive::statIndex()['size']) and rejects archives exceeding system.gpm.archive.max_uncompressed_size before extraction. Because this declared size is attacker-forgeable and is not cross-checked against the actual inflated stream, a crafted archive declaring tiny per-entry sizes passes the cap while extractTo() writes the real, much larger content, filling disk or exhausting inodes. The archive must be supplied by a package source or admin upload (admin/operator trust). Fixed in 2.0.2. This is an incomplete fix for GHSA-928x-9mpw-8h56.
{
"affected": [],
"aliases": [
"CVE-2026-61449"
],
"database_specific": {
"cwe_ids": [
"CWE-409"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-07-15T12:18:19Z",
"severity": "HIGH"
},
"details": "Grav 2.0.1 contains a decompression-bomb size-cap bypass in ZipArchiver and GPM\\Installer. The size bound introduced in 2.0.1 sums the uncompressed size declared in each entry\u0027s ZIP central-directory header (ZipArchive::statIndex()[\u0027size\u0027]) and rejects archives exceeding system.gpm.archive.max_uncompressed_size before extraction. Because this declared size is attacker-forgeable and is not cross-checked against the actual inflated stream, a crafted archive declaring tiny per-entry sizes passes the cap while extractTo() writes the real, much larger content, filling disk or exhausting inodes. The archive must be supplied by a package source or admin upload (admin/operator trust). Fixed in 2.0.2. This is an incomplete fix for GHSA-928x-9mpw-8h56.",
"id": "GHSA-v626-428r-43p8",
"modified": "2026-07-15T12:32:04Z",
"published": "2026-07-15T12:32:04Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/getgrav/grav/security/advisories/GHSA-8h9x-89f2-m7x3"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-61449"
},
{
"type": "WEB",
"url": "https://www.vulncheck.com/advisories/grav-before-decompression-bomb-via-forged-zip-size"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-V647-H8JJ-FW5R
Vulnerability from github – Published: 2024-12-16 09:31 – Updated: 2024-12-16 19:27Mattermost versions 10.1.x <= 10.1.2, 10.0.x <= 10.0.2, 9.11.x <= 9.11.4, 9.5.x <= 9.5.12 fail to limit the file size for slack import file uploads which allows a user to cause a DoS via zip bomb by importing data in a team they are a team admin.
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/mattermost/mattermost/server/v8"
},
"ranges": [
{
"events": [
{
"introduced": "10.1.0"
},
{
"fixed": "10.1.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Go",
"name": "github.com/mattermost/mattermost/server/v8"
},
"ranges": [
{
"events": [
{
"introduced": "10.0.0"
},
{
"fixed": "10.0.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Go",
"name": "github.com/mattermost/mattermost/server/v8"
},
"ranges": [
{
"events": [
{
"introduced": "9.11.0"
},
{
"fixed": "9.11.5"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Go",
"name": "github.com/mattermost/mattermost/server/v8"
},
"ranges": [
{
"events": [
{
"introduced": "9.5.0"
},
{
"fixed": "9.5.13"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-54682"
],
"database_specific": {
"cwe_ids": [
"CWE-409"
],
"github_reviewed": true,
"github_reviewed_at": "2024-12-16T19:27:16Z",
"nvd_published_at": "2024-12-16T08:15:05Z",
"severity": "MODERATE"
},
"details": "Mattermost versions 10.1.x \u003c= 10.1.2, 10.0.x \u003c= 10.0.2, 9.11.x \u003c= 9.11.4, 9.5.x \u003c= 9.5.12 fail to limit the file size for slack import file uploads which allows a user to\u00a0cause a DoS via zip bomb by importing data in a team they are a team admin.",
"id": "GHSA-v647-h8jj-fw5r",
"modified": "2024-12-16T19:27:16Z",
"published": "2024-12-16T09:31:10Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-54682"
},
{
"type": "PACKAGE",
"url": "https://github.com/mattermost/mattermost"
},
{
"type": "WEB",
"url": "https://mattermost.com/security-updates"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "Mattermost Data Amplification vulnerability"
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.