Fallos del tipo CWE-409
61 resultadosCVE-2026-2575MEDIUMKeycloak: keycloak: denial of service due to excessive samlrequest decompressionEPSS 0.5%CVE-2025-30153HIGHImproper Handling of Highly Compressed Data (Data Amplification) in github.com/getkin/kin-openapi/openapi3filterEPSS 0.5%CVE-2026-27571MEDIUMnats-server websockets are vulnerable to pre-auth memory DoSEPSS 0.5%CVE-2024-1947MEDIUMImproper Handling of Highly Compressed Data (Data Amplification) in GitLabEPSS 0.5%CVE-2026-8814MEDIUMVersions of the package exifreader before 4.39.0 are vulnerable to Improper Handling of Highly Compressed Data (Data Amplification) due to dEPSS 0.5%CVE-2025-32949MEDIUMPeerTube User Import Authenticated Resource ExhaustionEPSS 0.5%CVE-2025-66909HIGHTurms AI-Serving module v0.10.0-SNAPSHOT and earlier contains an image decompression bomb denial of service vulnerability. The ExtendedOpenCEPSS 0.5%CVE-2023-0475MEDIUMGo-Getter Vulnerable to Decompression BombsEPSS 0.5%CVE-2026-49755HIGHDecompression bomb DoS in Req via auto-decoded archive and compressed response bodiesEPSS 0.4%CVE-2026-22870HIGHGuardDog Zip Bomb Vulnerability in safe_extract() Allows DoSEPSS 0.4%CVE-2026-28435HIGHPayload size limit bypass via gzip decompression in ContentReader (streaming) allows oversized request bodies in cpp-httplibEPSS 0.4%CVE-2024-54682MEDIUMZipbomb DoS via Missing Slack Import ValidationEPSS 0.4%CVE-2026-10725HIGHProtocol::HTTP2 versions before 1.13 for Perl is vulnerable to a HTTP/2 BombEPSS 0.4%CVE-2025-46730MEDIUMMobile Security Framework (MobSF) Allows Web Server Resource Exhaustion via ZIP of Death AttackEPSS 0.4%CVE-2026-27809MEDIUMpsd-tools: Compression module has unguarded zlib decompression, missing dimension validation, and hardening gapsEPSS 0.4%CVE-2025-62708MEDIUMpypdf manipulated LZWDecode streams can exhaust RAMEPSS 0.4%CVE-2026-44432HIGHurllib3: Decompression-bomb safeguards bypassed in parts of the streaming APIEPSS 0.4%CVE-2026-44697HIGHKlever-Go MultiDataInterceptor: remote OOM via crafted compressed P2P payloadEPSS 0.4%CVE-2026-54314MEDIUMn8n: Denial of Service via ZIP decompression in webhook workflowEPSS 0.4%CVE-2026-22776HIGHcpp-httplib vulnerable to a denial of service (DOS) using a zip bombEPSS 0.4%