Browse and filter security vulnerabilities across ecosystems
Browse and filter security vulnerabilities across ecosystems
Audiobookshelf: Memory amplification DoS via oversized compressed details entry in backup upload
Tandoor Recipes Affected by Denial of Service via Recipe Import
PraisonAI Affected by Decompression Bomb DoS via Recipe Bundle Extraction Without Size Limits
Unfurl < 2026.04 - Denial of Service via Unbounded zlib Decompression
JWCrypto: JWE ZIP decompression bomb
Zip Bomb Denial of Service via Unrestricted Archive Decompression
OpenClaw < 2026.3.2 - Tar Archive Safety Bypass in Skills Installation
Keycloak: keycloak: denial of service due to excessive samlrequest decompression
file-type affected by ZIP Decompression Bomb DoS via [Content_Types].xml entry
Pre-auth SSH DoS via unbounded zlib inflate
undici is vulnerable to Unbounded Memory Consumption in undici WebSocket permessage-deflate Decompression
MarkUs: Zip bomb in config upload enables DoS
Payload size limit bypass via gzip decompression in ContentReader (streaming) allows oversized request bodies in cpp-httplib
psd-tools: Compression module has unguarded zlib decompression, missing dimension validation, and hardening gaps
nats-server websockets are vulnerable to pre-auth memory DoS
GuardDog Zip Bomb Vulnerability in safe_extract() Allows DoS
cpp-httplib vulnerable to a denial of service (DOS) using a zip bomb
urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)
AIOHTTP's HTTP Parser auto_decompress feature is vulnerable to zip bomb
urllib3 Streaming API improperly handles highly compressed data
Showing 1 - 20 of 1,000+ results