Fallos del tipo CWE-409
61 resultadosCVE-2024-43499HIGH.NET and Visual Studio Denial of Service VulnerabilityEPSS 2.6%CVE-2024-28180MEDIUMGo JOSE vulnerable to Improper Handling of Highly Compressed Data (Data Amplification)EPSS 2.0%CVE-2017-16129—The HTTP client module superagent is vulnerable to ZIP bomb attacks. In a ZIP bomb attack, the HTTP server replies with a compressed responsEPSS 1.8%CVE-2022-29225HIGHZip bomb vulnerability in EnvoyEPSS 1.4%CVE-2023-26483MEDIUMgosaml2 vulnerable to Denial of Service via deflate decompression bombEPSS 1.0%CVE-2024-3572HIGHXML External Entity (XXE) Vulnerability in scrapy/scrapyEPSS 0.8%CVE-2023-0821MEDIUMNomad Client Vulnerable to Decompression Bombs in Artifact BlockEPSS 0.8%CVE-2024-28101HIGHApollo Router's Compressed Payloads do not respect HTTP Payload LimitsEPSS 0.8%CVE-2024-7765HIGHDenial of Service in h2oai/h2o-3EPSS 0.7%CVE-2026-21441HIGHurllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)EPSS 0.7%CVE-2024-12886HIGHOut-Of-Memory (OOM) Vulnerability in ollama/ollamaEPSS 0.7%CVE-2024-12387MEDIUMImproper Input Validation in binary-husky/gpt_academicEPSS 0.7%CVE-2026-23943MEDIUMPre-auth SSH DoS via unbounded zlib inflateEPSS 0.6%CVE-2026-1526HIGHundici is vulnerable to Unbounded Memory Consumption in undici WebSocket permessage-deflate DecompressionEPSS 0.6%CVE-2025-66471HIGHurllib3 Streaming API improperly handles highly compressed dataEPSS 0.6%CVE-2025-25186MEDIUMNet::IMAP vulnerable to possible DoS by memory exhaustionEPSS 0.6%CVE-2024-54016MEDIUMcompression bomb attack in Apache Seata ServerEPSS 0.6%CVE-2025-58057MEDIUMNetty's BrotliDecoder is vulnerable to DoS via zip bomb style attackEPSS 0.6%CVE-2026-43970HIGHDecompression Bomb in cow_spdy:inflate/2 Allows Memory Exhaustion via Crafted SPDY FrameEPSS 0.5%CVE-2026-40036HIGHUnfurl < 2026.04 - Denial of Service via Unbounded zlib DecompressionEPSS 0.5%