Fallos del tipo CWE-407
90 resultadosCVE-2026-42504HIGHQuadratic complexity in WordDecoder.DecodeHeader in mimeEPSS 0.6%CVE-2024-39702MEDIUMIn lj_str_hash.c in OpenResty 1.19.3.1 through 1.25.3.1, the string hashing function (used during string interning) allows HashDoS (Hash DenEPSS 0.6%CVE-2025-23020MEDIUMAn issue was discovered in Kwik before 0.10.1. A hash collision vulnerability (in the hash table used to manage connections) allows remote aEPSS 0.5%CVE-2026-27903HIGHminimatch has a ReDoS: matchOne() combinatorial backtracking via multiple non-adjacent GLOBSTAR segmentsEPSS 0.5%CVE-2025-29908MEDIUMNetty QUIC hash collision DoS attackEPSS 0.5%CVE-2025-24946MEDIUMThe hash table used to manage connections in picoquic before b80fd3f uses a weak hash function, allowing remote attackers to cause a consideEPSS 0.5%CVE-2026-3276MEDIUMPotential DoS via quadratic complexity in unicodedata.normalize()EPSS 0.5%CVE-2026-40476MEDIUMgraphql-php: Denial of Service via quadratic complexity in OverlappingFieldsCanBeMerged validationEPSS 0.5%CVE-2026-3988HIGHInefficient Algorithmic Complexity in GitLabEPSS 0.5%CVE-2025-11230HIGHDenial of service vulnerability in HAProxy mjson libraryEPSS 0.5%CVE-2026-34573HIGHParse Server: GraphQL complexity validator exponential fragment traversal DoSEPSS 0.5%CVE-2026-42304HIGHTwisted: Denial of Service (DoS) in twisted.names via Crafted DNS Compression Pointer ChainsEPSS 0.4%CVE-2026-34230MEDIUMRack: Quadratic complexity in Rack::Utils.select_best_encoding via wildcard Accept-Encoding headerEPSS 0.4%CVE-2026-41292MEDIUMLong list of incoming EDNS options degrades performanceEPSS 0.4%CVE-2026-42245LOWnet-imap: Quadratic complexity when reading response literalsEPSS 0.4%CVE-2026-28804MEDIUMpypdf: Inefficient decoding of ASCIIHexDecode streamsEPSS 0.4%CVE-2026-34827HIGHRack: Algorithmic-Complexity DoS in Rack::Multipart::ParserEPSS 0.4%CVE-2026-44390MEDIUMUnbounded name compression in certain cases causes degradation of serviceEPSS 0.4%CVE-2026-48959HIGHIO::Uncompress::Unzip versions before 2.220 for Perl allow CPU exhaustion via per-byte read loop in fastForwardEPSS 0.4%CVE-2026-13311HIGHshell-quote parse() is quadratic in token count, enabling denial of serviceEPSS 0.4%