Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-40006

Summary
Assigner-apache
Assigner Org ID-f0158376-9dc2-43b6-827c-5f631a4d8d09
Published At-10 Jul, 2026 | 07:10
Updated At-10 Jul, 2026 | 14:59
Rejected At-
Credits

Apache IoTDB: Unauthenticated heap-exhaustion DoS via unbounded allocation in IoTDB AirGap pipe receiver

Memory Allocation with Excessive Size Value, Allocation of Resources Without Limits or Throttling, Missing Authentication for Critical Function vulnerability in Apache IoTDB. When pipe_air_gap_receiver_enabled=true, the IoTDB AirGap pipe receiver accepts raw TCP connections on port 9780 with no authentication. The readLength method reads an attacker-controlled 32-bit integer from the socket and readData passes it directly to new byte[length] with no upper-bound check. An unauthenticated attacker can cause the JVM to attempt an allocation of up to 2,147,483,647 bytes per connection, exhausting heap memory and crashing or severely degrading the DataNode process. This issue affects Apache IoTDB: from 1.0.0 before 2.0.10. Users are recommended to upgrade to version 2.0.10, which fixes the issue.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:apache
Assigner Org ID:f0158376-9dc2-43b6-827c-5f631a4d8d09
Published At:10 Jul, 2026 | 07:10
Updated At:10 Jul, 2026 | 14:59
Rejected At:
▼CVE Numbering Authority (CNA)
Apache IoTDB: Unauthenticated heap-exhaustion DoS via unbounded allocation in IoTDB AirGap pipe receiver

Memory Allocation with Excessive Size Value, Allocation of Resources Without Limits or Throttling, Missing Authentication for Critical Function vulnerability in Apache IoTDB. When pipe_air_gap_receiver_enabled=true, the IoTDB AirGap pipe receiver accepts raw TCP connections on port 9780 with no authentication. The readLength method reads an attacker-controlled 32-bit integer from the socket and readData passes it directly to new byte[length] with no upper-bound check. An unauthenticated attacker can cause the JVM to attempt an allocation of up to 2,147,483,647 bytes per connection, exhausting heap memory and crashing or severely degrading the DataNode process. This issue affects Apache IoTDB: from 1.0.0 before 2.0.10. Users are recommended to upgrade to version 2.0.10, which fixes the issue.

Affected Products
Vendor
The Apache Software FoundationApache Software Foundation
Product
Apache IoTDB
Default Status
unaffected
Versions
Affected
  • From 1.0.0 before 2.0.10 (semver)
Problem Types
TypeCWE IDDescription
CWECWE-789CWE-789 Memory Allocation with Excessive Size Value
CWECWE-770CWE-770 Allocation of Resources Without Limits or Throttling
CWECWE-306CWE-306 Missing Authentication for Critical Function
Type: CWE
CWE ID: CWE-789
Description: CWE-789 Memory Allocation with Excessive Size Value
Type: CWE
CWE ID: CWE-770
Description: CWE-770 Allocation of Resources Without Limits or Throttling
Type: CWE
CWE ID: CWE-306
Description: CWE-306 Missing Authentication for Critical Function
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Textual description of severity
text:
important
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

finder
bugbunny.ai
Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://lists.apache.org/thread/rfpt7m9fvdrw37r3ow5omp2n914z6zqk
vendor-advisory
Hyperlink: https://lists.apache.org/thread/rfpt7m9fvdrw37r3ow5omp2n914z6zqk
Resource:
vendor-advisory
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
http://www.openwall.com/lists/oss-security/2026/07/10/3
N/A
Hyperlink: http://www.openwall.com/lists/oss-security/2026/07/10/3
Resource: N/A
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security@apache.org
Published At:10 Jul, 2026 | 08:16
Updated At:10 Jul, 2026 | 16:16

Memory Allocation with Excessive Size Value, Allocation of Resources Without Limits or Throttling, Missing Authentication for Critical Function vulnerability in Apache IoTDB. When pipe_air_gap_receiver_enabled=true, the IoTDB AirGap pipe receiver accepts raw TCP connections on port 9780 with no authentication. The readLength method reads an attacker-controlled 32-bit integer from the socket and readData passes it directly to new byte[length] with no upper-bound check. An unauthenticated attacker can cause the JVM to attempt an allocation of up to 2,147,483,647 bytes per connection, exhausting heap memory and crashing or severely degrading the DataNode process. This issue affects Apache IoTDB: from 1.0.0 before 2.0.10. Users are recommended to upgrade to version 2.0.10, which fixes the issue.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
N/A
Type: Secondary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: N/A
Version:
Base score:
Base severity: N/A
Vector:
CPE Matches

Weaknesses
CWE IDTypeSource
CWE-306Secondarysecurity@apache.org
CWE-770Secondarysecurity@apache.org
CWE-789Secondarysecurity@apache.org
CWE ID: CWE-306
Type: Secondary
Source: security@apache.org
CWE ID: CWE-770
Type: Secondary
Source: security@apache.org
CWE ID: CWE-789
Type: Secondary
Source: security@apache.org
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://lists.apache.org/thread/rfpt7m9fvdrw37r3ow5omp2n914z6zqksecurity@apache.org
N/A
http://www.openwall.com/lists/oss-security/2026/07/10/3af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: https://lists.apache.org/thread/rfpt7m9fvdrw37r3ow5omp2n914z6zqk
Source: security@apache.org
Resource: N/A
Hyperlink: http://www.openwall.com/lists/oss-security/2026/07/10/3
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

1096Records found

CVE-2023-34396
Matching Score-10
Assigner-Apache Software Foundation
ShareView Details
Matching Score-10
Assigner-Apache Software Foundation
CVSS Score-4.3||MEDIUM
EPSS-5.47% / 91.86%
||
7 Day CHG~0.00%
Published-14 Jun, 2023 | 07:50
Updated-13 Feb, 2025 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Struts: DoS via OOM owing to no sanity limit on normal form fields in multipart forms

Allocation of Resources Without Limits or Throttling vulnerability in Apache Software Foundation Apache Struts.This issue affects Apache Struts: through 2.5.30, through 6.1.2. Upgrade to Struts 2.5.31 or 6.1.2.1 or greater

Action-Not Available
Vendor-The Apache Software Foundation
Product-strutsApache Struts
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2021-43045
Matching Score-10
Assigner-Apache Software Foundation
ShareView Details
Matching Score-10
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-2.96% / 85.67%
||
7 Day CHG~0.00%
Published-06 Jan, 2022 | 18:00
Updated-04 Aug, 2024 | 03:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Possible DOS vulnerabilities in C# Avro SDK

A vulnerability in the .NET SDK of Apache Avro allows an attacker to allocate excessive resources, potentially causing a denial-of-service attack. This issue affects .NET applications using Apache Avro version 1.10.2 and prior versions. Users should update to version 1.11.0 which addresses this issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-avroApache Avro
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2023-24998
Matching Score-10
Assigner-Apache Software Foundation
ShareView Details
Matching Score-10
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-46.84% / 98.69%
||
7 Day CHG~0.00%
Published-20 Feb, 2023 | 15:57
Updated-03 Nov, 2025 | 22:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Commons FileUpload, Apache Tomcat: FileUpload DoS with excessive parts

Apache Commons FileUpload before 1.5 does not limit the number of request parts to be processed resulting in the possibility of an attacker triggering a DoS with a malicious upload or series of uploads. Note that, like all of the file upload limits, the new configuration option (FileUploadBase#setFileCountMax) is not enabled by default and must be explicitly configured.

Action-Not Available
Vendor-Debian GNU/LinuxThe Apache Software Foundation
Product-debian_linuxcommons_fileuploadApache TomcatApache Commons FileUpload
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2025-27533
Matching Score-10
Assigner-Apache Software Foundation
ShareView Details
Matching Score-10
Assigner-Apache Software Foundation
CVSS Score-6.9||MEDIUM
EPSS-8.45% / 94.40%
||
7 Day CHG~0.00%
Published-07 May, 2025 | 08:59
Updated-03 Nov, 2025 | 20:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache ActiveMQ: Unchecked buffer length can cause excessive memory allocation

Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ. During unmarshalling of OpenWire commands the size value of buffers was not properly validated which could lead to excessive memory allocation and be exploited to cause a denial of service (DoS) by depleting process memory, thereby affecting applications and services that rely on the availability of the ActiveMQ broker when not using mutual TLS connections. This issue affects Apache ActiveMQ: from 6.0.0 before 6.1.6, from 5.18.0 before 5.18.7, from 5.17.0 before 5.17.7, before 5.16.8. ActiveMQ 5.19.0 is not affected. Users are recommended to upgrade to version 6.1.6+, 5.19.0+, 5.18.7+, 5.17.7, or 5.16.8 or which fixes the issue. Existing users may implement mutual TLS to mitigate the risk on affected brokers.

Action-Not Available
Vendor-The Apache Software Foundation
Product-activemqApache ActiveMQ
CWE ID-CWE-789
Memory Allocation with Excessive Size Value
CVE-2026-54428
Matching Score-10
Assigner-Apache Software Foundation
ShareView Details
Matching Score-10
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-0.59% / 44.14%
||
7 Day CHG~0.00%
Published-01 Jul, 2026 | 17:03
Updated-01 Jul, 2026 | 19:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache HttpComponents Core: HPackDecoder Unlimited Header List Size Before SETTINGS ACK

Allocation of resources without limits or throttling in the HTTP/2 HPACK decoder in Apache HttpComponents Core (5.4.2 and earlier, 5.5-beta1 and earlier) allows an remote attacker to cause a denial of service through memory exhaustion by sending oversized compressed header blocks before the HTTP/2 SETTINGS acknowledgement causes the configured header list size limit to be applied.

Action-Not Available
Vendor-The Apache Software Foundation
Product-Apache HttpComponents Core
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2026-53916
Matching Score-10
Assigner-Apache Software Foundation
ShareView Details
Matching Score-10
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-0.80% / 52.34%
||
7 Day CHG~0.00%
Published-30 Jun, 2026 | 09:49
Updated-02 Jul, 2026 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp: Unbounded header buffer in STOMP NIO codec

Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp. An unauthenticated client that opens a STOMP NIO connection can send header bytes that never terminate which makes the broker buffer them without limit, exhausting the JVM heap. This issue affects Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ All: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ Stomp: before 5.19.8, from 6.0.0 before 6.2.7. Users are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-activemqApache ActiveMQ StompApache ActiveMQ AllApache ActiveMQ
CWE ID-CWE-789
Memory Allocation with Excessive Size Value
CVE-2026-53917
Matching Score-10
Assigner-Apache Software Foundation
ShareView Details
Matching Score-10
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-0.80% / 52.34%
||
7 Day CHG~0.00%
Published-30 Jun, 2026 | 09:49
Updated-02 Jul, 2026 | 18:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Client, Apache ActiveMQ Broker: Unbounded memory allocation in OpenWire property unmarshalling

Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Client, Apache ActiveMQ Broker. An authenticated user can cause a broker DoS by sending a crafted OpenWire Message with a large encoded size value for the map. OpenWire message property maps are unmarshaled without size validation which can trigger OOM and crash the broker. This issue affects Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ All: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ Client: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ Broker: before 5.19.8, from 6.0.0 before 6.2.7. Users are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-activemq_brokeractivemqApache ActiveMQ AllApache ActiveMQApache ActiveMQ ClientApache ActiveMQ Broker
CWE ID-CWE-789
Memory Allocation with Excessive Size Value
CVE-2026-49975
Matching Score-10
Assigner-Apache Software Foundation
ShareView Details
Matching Score-10
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-11.47% / 95.53%
||
7 Day CHG~0.00%
Published-08 Jun, 2026 | 15:26
Updated-15 Jul, 2026 | 02:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache HTTP Server: mod_http2 denial of service

Memory Allocation with Excessive Size Value vulnerability in Apache HTTP Server's mod_http leads to denial of service via malicious HTTP requests. This issue affects Apache HTTP Server: from 2.4.17 through 2.4.67.

Action-Not Available
Vendor-F5, Inc.The Apache Software FoundationRed Hat, Inc.Debian GNU/Linux
Product-debian_linuxhttp_serverApache HTTP ServerJBoss Core Services for RHEL 8Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-OnRed Hat JBoss Web Server 5Red Hat Enterprise Linux 10Red Hat JBoss Core Services 2.4.62.SP4Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update SupportRed Hat Enterprise Linux 8.4 Advanced Mission Critical Update SupportRed Hat Enterprise Linux 8.8 Telecommunications Update ServiceRed Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-OnRed Hat Enterprise Linux 9Red Hat OpenShift Service Mesh 2.6Red Hat Enterprise Linux 8Red Hat JBoss Core ServicesRed Hat Enterprise Linux 8.8 Update Services for SAP SolutionsRed Hat Hardened ImagesJBoss Core Services on RHEL 7
CWE ID-CWE-409
Improper Handling of Highly Compressed Data (Data Amplification)
CWE ID-CWE-789
Memory Allocation with Excessive Size Value
CVE-2026-50734
Matching Score-10
Assigner-Apache Software Foundation
ShareView Details
Matching Score-10
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-0.80% / 52.34%
||
7 Day CHG~0.00%
Published-30 Jun, 2026 | 09:53
Updated-02 Jul, 2026 | 18:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache ActiveMQ Client, Apache ActiveMQ, Apache ActiveMQ All: Pre-authentication OpenWire memory-allocation DoS during wire format negotiation

Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ Client, Apache ActiveMQ, Apache ActiveMQ All. An unauthenticated network attacker can cause a broker DoS by sending a crafted WireFormatInfo frame with a malicious large size value. The value is not validate and causes the broker to attempt allocation during pre-auth negotiation which can trigger OOM and crash the broker. This issue affects Apache ActiveMQ Client: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ All: before 5.19.8, from 6.0.0 before 6.2.7. Users are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-activemqApache ActiveMQ AllApache ActiveMQApache ActiveMQ Client
CWE ID-CWE-789
Memory Allocation with Excessive Size Value
CVE-2026-49361
Matching Score-10
Assigner-Apache Software Foundation
ShareView Details
Matching Score-10
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-0.58% / 43.84%
||
7 Day CHG~0.00%
Published-01 Jun, 2026 | 07:57
Updated-01 Jun, 2026 | 18:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Fluss Netty Frame Decoder Memory Exhaustion Vulnerability

Apache Fluss versions prior to 0.9.1 configure the Netty LengthFieldBasedFrameDecoder with Integer.MAX_VALUE as the maximum frame length, allowing unauthenticated remote attackers to exhaust JVM heap memory on TabletServer and CoordinatorServer by sending specially crafted frame headers, resulting in denial of service. This issue affects Apache Fluss (incubating): 0.8.0 and 0.9.0. Users are recommended to upgrade to version 0.9.1, which fixes the issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-flussApache Fluss (incubating)
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2026-43868
Matching Score-10
Assigner-Apache Software Foundation
ShareView Details
Matching Score-10
Assigner-Apache Software Foundation
CVSS Score-5.3||MEDIUM
EPSS-0.66% / 47.67%
||
7 Day CHG~0.00%
Published-05 May, 2026 | 07:49
Updated-15 Jul, 2026 | 02:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Thrift: Rust implementation vulnerable to CVE-2020-13949 pattern

Memory Allocation with Excessive Size Value vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue.

Action-Not Available
Vendor-Red Hat, Inc.The Apache Software Foundation
Product-thriftApache ThriftRed Hat Data Grid 8Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1Red Hat AI Inference ServerRed Hat Fuse 7Red Hat build of Apache Camel 4 for Quarkus 3Red Hat JBoss Enterprise Application Platform Expansion PackRed Hat OpenShift AI (RHOAI)Red Hat Enterprise Linux AI (RHEL AI) 3
CWE ID-CWE-1285
Improper Validation of Specified Index, Position, or Offset in Input
CWE ID-CWE-789
Memory Allocation with Excessive Size Value
CVE-2022-35724
Matching Score-10
Assigner-Apache Software Foundation
ShareView Details
Matching Score-10
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-1.58% / 72.82%
||
7 Day CHG+0.03%
Published-09 Aug, 2022 | 06:50
Updated-03 Aug, 2024 | 09:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Denial of service while reading data in Avro Rust SDK

It is possible to provide data to be read that leads the reader to loop in cycles endlessly, consuming CPU. This issue affects Rust applications using Apache Avro Rust SDK prior to 0.14.0 (previously known as avro-rs). Users should update to apache-avro version 0.14.0 which addresses this issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-avroApache Avro
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2022-34917
Matching Score-10
Assigner-Apache Software Foundation
ShareView Details
Matching Score-10
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-1.25% / 66.07%
||
7 Day CHG~0.00%
Published-20 Sep, 2022 | 08:35
Updated-29 May, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unauthenticated clients may cause OutOfMemoryError on Apache Kafka Brokers

A security vulnerability has been identified in Apache Kafka. It affects all releases since 2.8.0. The vulnerability allows malicious unauthenticated clients to allocate large amounts of memory on brokers. This can lead to brokers hitting OutOfMemoryException and causing denial of service. Example scenarios: - Kafka cluster without authentication: Any clients able to establish a network connection to a broker can trigger the issue. - Kafka cluster with SASL authentication: Any clients able to establish a network connection to a broker, without the need for valid SASL credentials, can trigger the issue. - Kafka cluster with TLS authentication: Only clients able to successfully authenticate via TLS can trigger the issue. We advise the users to upgrade the Kafka installations to one of the 3.2.3, 3.1.2, 3.0.2, 2.8.2 versions.

Action-Not Available
Vendor-The Apache Software Foundation
Product-kafkaApache Kafka
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CWE ID-CWE-789
Memory Allocation with Excessive Size Value
CVE-2026-41284
Matching Score-10
Assigner-Apache Software Foundation
ShareView Details
Matching Score-10
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-0.78% / 51.83%
||
7 Day CHG~0.00%
Published-12 May, 2026 | 15:14
Updated-14 May, 2026 | 18:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Tomcat: Unbounded read in WebDAV LOCK and PROPFIND handling

Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.0.M1 through 9.0.117. Older, unsupported versions may also be affected. Users are recommended to upgrade to version [FIXED_VERSION], which fixes the issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-tomcatApache Tomcat
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2022-29404
Matching Score-10
Assigner-Apache Software Foundation
ShareView Details
Matching Score-10
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-5.68% / 92.12%
||
7 Day CHG~0.00%
Published-08 Jun, 2022 | 10:00
Updated-03 Aug, 2024 | 06:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Denial of service in mod_lua r:parsebody

In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls r:parsebody(0) may cause a denial of service due to no default limit on possible input size.

Action-Not Available
Vendor-NetApp, Inc.The Apache Software FoundationFedora Project
Product-http_serverclustered_data_ontapfedoraApache HTTP Server
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2022-23913
Matching Score-10
Assigner-Apache Software Foundation
ShareView Details
Matching Score-10
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-2.72% / 84.36%
||
7 Day CHG~0.00%
Published-04 Feb, 2022 | 22:33
Updated-15 Jun, 2026 | 13:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache ActiveMQ Artemis DoS

In Apache ActiveMQ Artemis prior to 2.20.0 or 2.19.1, an attacker could partially disrupt availability (DoS) through uncontrolled resource consumption of memory.

Action-Not Available
Vendor-The Apache Software FoundationNetApp, Inc.
Product-active_iq_unified_managerartemisoncommand_workflow_automationApache ActiveMQ Artemis
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2026-42440
Matching Score-10
Assigner-Apache Software Foundation
ShareView Details
Matching Score-10
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-0.63% / 46.03%
||
7 Day CHG~0.00%
Published-04 May, 2026 | 16:40
Updated-15 Jul, 2026 | 02:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache OpenNLP: OOM DoS via Unbounded Array Allocation in AbstractModelReader

OOM Denial of Service via Unbounded Array Allocation in Apache OpenNLP AbstractModelReader  Versions Affected:  before 1.9.5 before 2.5.9 before 3.0.0-M3  Description: The AbstractModelReader methods getOutcomes(), getOutcomePatterns(), and getPredicates() each read a 32-bit signed integer count field from a binary model stream and pass that value directly to an array allocation (new String[numOutcomes], new int[numOCTypes][], new String[NUM_PREDS]) without validating that the value is non-negative or within a reasonable bound. The count is therefore fully attacker-controlled when the model file originates from an untrusted source. A crafted .bin model file in which any of these count fields is set to Integer.MAX_VALUE (or any value large enough to exhaust the available heap) triggers an OutOfMemoryError at the array allocation itself, before the corresponding label or pattern data is consumed from the stream. The error occurs very early in deserialization: for a GIS model, getOutcomes() is reached after only the model-type string, the correction constant, and the correction parameter have been read; so the attacker pays no meaningful size cost to weaponize a payload, and a single small file can crash a JVM that loads it. Any code path that deserializes a .bin model is affected, including direct use of GenericModelReader and any higher-level component that delegates to it during model load. The practical impact is denial of service against processes that load model files from untrusted or semi-trusted origins.   Mitigation: * 2.x users should upgrade to 2.5.9. * 3.x users should upgrade to 3.0.0-M3. Note: The fix introduces an upper bound on each of the three count fields, checked before array allocation; counts that are negative or exceed the bound cause an IllegalArgumentException to be thrown and the read to fail fast with no large allocation. The default bound is 10,000,000, which is well above the entry counts of legitimate OpenNLP models but far below any value that would threaten heap exhaustion. Deployments that legitimately need to load models with more entries than the default can raise the limit at JVM startup by setting the OPENNLP_MAX_ENTRIES system property to the desired positive integer (e.g. -DOPENNLP_MAX_ENTRIES=50000000); invalid or non-positive values fall back to the default. Users who cannot upgrade immediately should treat all .bin model files as untrusted input unless their provenance is verified, and should avoid loading models supplied by end users or fetched from third-party repositories without integrity checks.

Action-Not Available
Vendor-Red Hat, Inc.The Apache Software Foundation
Product-opennlpApache OpenNLPRed Hat Fuse 7Red Hat JBoss Enterprise Application Platform Expansion PackRed Hat Data Grid 8Red Hat OpenShift AI (RHOAI)
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CWE ID-CWE-789
Memory Allocation with Excessive Size Value
CVE-2022-36124
Matching Score-10
Assigner-Apache Software Foundation
ShareView Details
Matching Score-10
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-1.30% / 67.27%
||
7 Day CHG+0.03%
Published-09 Aug, 2022 | 06:50
Updated-23 Jun, 2026 | 14:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Memory overconsumption in Avro Rust SDK

It is possible for a Reader to consume memory beyond the allowed constraints and thus lead to out of memory on the system. This issue affects Rust applications using Apache Avro Rust SDK prior to 0.14.0 (previously known as avro-rs). Users should update to apache-avro version 0.14.0 which addresses this issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-avroApache Avro
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2024-38286
Matching Score-10
Assigner-Apache Software Foundation
ShareView Details
Matching Score-10
Assigner-Apache Software Foundation
CVSS Score-8.6||HIGH
EPSS-1.70% / 74.67%
||
7 Day CHG~0.00%
Published-07 Nov, 2024 | 07:37
Updated-03 Nov, 2025 | 21:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Tomcat: Denial of Service

Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M20, from 10.1.0-M1 through 10.1.24, from 9.0.13 through 9.0.89. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.35 through 8.5.100 and 7.0.92 through 7.0.109. Other EOL versions may also be affected. Users are recommended to upgrade to version 11.0.0-M21, 10.1.25, or 9.0.90, which fixes the issue. Apache Tomcat, under certain configurations on any platform, allows an attacker to cause an OutOfMemoryError by abusing the TLS handshake process.

Action-Not Available
Vendor-NetApp, Inc.The Apache Software Foundation
Product-tomcatontap_toolsApache Tomcattomcat
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2024-37358
Matching Score-10
Assigner-Apache Software Foundation
ShareView Details
Matching Score-10
Assigner-Apache Software Foundation
CVSS Score-8.6||HIGH
EPSS-0.86% / 54.31%
||
7 Day CHG~0.00%
Published-06 Feb, 2025 | 11:22
Updated-29 Sep, 2025 | 21:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache James: denial of service through the use of IMAP literals

Similarly to CVE-2024-34055, Apache James is vulnerable to denial of service through the abuse of IMAP literals from both authenticated and unauthenticated users, which could be used to cause unbounded memory allocation and very long computations Version 3.7.6 and 3.8.2 restrict such illegitimate use of IMAP literals.

Action-Not Available
Vendor-The Apache Software Foundation
Product-james_serverApache James server
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2026-39304
Matching Score-10
Assigner-Apache Software Foundation
ShareView Details
Matching Score-10
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-0.90% / 55.53%
||
7 Day CHG~0.00%
Published-10 Apr, 2026 | 10:54
Updated-15 Jul, 2026 | 02:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache ActiveMQ Client, Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Incorrect handling of TLSv1.3 KeyUpdate can be exploited to cause DoS via OOM

Denial of Service via Out of Memory vulnerability in Apache ActiveMQ Client, Apache ActiveMQ Broker, Apache ActiveMQ. ActiveMQ NIO SSL transports do not correctly handle TLSv1.3 handshake KeyUpdates triggered by clients. This makes it possible for a client to rapidly trigger updates which causes the broker to exhaust all its memory in the SSL engine leading to DoS. Note: TLS versions before TLSv1.3 (such as TLSv1.2) are broken but are not vulnerable to OOM. Previous TLS versions require a full handshake renegotiation which causes a connection to hang but not OOM. This is fixed as well. This issue affects Apache ActiveMQ Client: before 5.19.4, from 6.0.0 before 6.2.4; Apache ActiveMQ Broker: before 5.19.4, from 6.0.0 before 6.2.4; Apache ActiveMQ: before 5.19.4, from 6.0.0 before 6.2.4. Users are recommended to upgrade to version 6.2.4 or 5.19.5, which fixes the issue.

Action-Not Available
Vendor-Red Hat, Inc.The Apache Software Foundation
Product-activemq_brokeractivemqApache ActiveMQ BrokerApache ActiveMQ AllApache ActiveMQ ClientApache ActiveMQRed Hat build of Apache Camel for Spring Boot 4Red Hat Enterprise Linux 9Red Hat JBoss Enterprise Application Platform Expansion PackRed Hat Data Grid 8Red Hat Enterprise Linux 8Red Hat JBoss Enterprise Application Platform 7Red Hat Fuse 7Red Hat AMQ Broker 7Red Hat JBoss Enterprise Application Platform 8
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2024-27316
Matching Score-10
Assigner-Apache Software Foundation
ShareView Details
Matching Score-10
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-91.33% / 99.80%
||
7 Day CHG~0.00%
Published-04 Apr, 2024 | 19:21
Updated-04 Nov, 2025 | 22:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache HTTP Server: HTTP/2 DoS by memory exhaustion on endless continuation frames

HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client does not stop sending headers, this leads to memory exhaustion.

Action-Not Available
Vendor-Fedora ProjectNetApp, Inc.The Apache Software Foundation
Product-fedoraontaphttp_serverApache HTTP Serverhttp_server
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2021-35517
Matching Score-10
Assigner-Apache Software Foundation
ShareView Details
Matching Score-10
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-10.61% / 95.29%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 07:15
Updated-04 Aug, 2024 | 00:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Commons Compress 1.1 to 1.20 denial of service vulnerability

When reading a specially crafted TAR archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs. This could be used to mount a denial of service attack against services that use Compress' tar package.

Action-Not Available
Vendor-NetApp, Inc.The Apache Software FoundationOracle Corporation
Product-healthcare_data_repositorypeoplesoft_enterprise_peopletoolsprimavera_unifiercommunications_cloud_native_core_service_communication_proxybanking_digital_experiencecommunications_billing_and_revenue_managementutilities_testing_acceleratoroncommand_insightcommunications_messaging_serverfinancial_services_crime_and_compliance_management_studiocommunications_session_route_manageractive_iq_unified_managerfinancial_services_enterprise_case_managementbanking_party_managementbanking_trade_financecommunications_diameter_intelligence_hubbanking_apisbanking_enterprise_default_managementbanking_paymentscommunications_cloud_native_core_unified_data_repositoryflexcube_universal_bankingcommons_compressinsurance_policy_administrationcommerce_guided_searchbanking_treasury_managementwebcenter_portalbusiness_process_management_suiteApache Commons Compress
CWE ID-CWE-130
Improper Handling of Length Parameter Inconsistency
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2021-35516
Matching Score-10
Assigner-Apache Software Foundation
ShareView Details
Matching Score-10
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-12.37% / 95.75%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 07:15
Updated-04 Aug, 2024 | 00:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Commons Compress 1.6 to 1.20 denial of service vulnerability

When reading a specially crafted 7Z archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs. This could be used to mount a denial of service attack against services that use Compress' sevenz package.

Action-Not Available
Vendor-NetApp, Inc.The Apache Software FoundationOracle Corporation
Product-healthcare_data_repositorypeoplesoft_enterprise_peopletoolsprimavera_unifiercommunications_cloud_native_core_automated_test_suitecommunications_cloud_native_core_service_communication_proxybanking_digital_experiencecommunications_billing_and_revenue_managementoncommand_insightutilities_testing_acceleratorcommunications_messaging_serverfinancial_services_crime_and_compliance_management_studiocommunications_session_route_manageractive_iq_unified_managerfinancial_services_enterprise_case_managementbanking_party_managementcommunications_diameter_intelligence_hubbanking_enterprise_default_managementcommunications_cloud_native_core_unified_data_repositoryflexcube_universal_bankingcommons_compressinsurance_policy_administrationcommerce_guided_searchwebcenter_portalbusiness_process_management_suiteApache Commons Compress
CWE ID-CWE-130
Improper Handling of Length Parameter Inconsistency
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2022-30522
Matching Score-10
Assigner-Apache Software Foundation
ShareView Details
Matching Score-10
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-90.41% / 99.79%
||
7 Day CHG~0.00%
Published-08 Jun, 2022 | 10:00
Updated-03 Aug, 2024 | 06:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
mod_sed denial of service

If Apache HTTP Server 2.4.53 is configured to do transformations with mod_sed in contexts where the input to mod_sed may be very large, mod_sed may make excessively large memory allocations and trigger an abort.

Action-Not Available
Vendor-NetApp, Inc.The Apache Software FoundationFedora Project
Product-http_serverclustered_data_ontapfedoraApache HTTP Server
CWE ID-CWE-789
Memory Allocation with Excessive Size Value
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2025-48976
Matching Score-10
Assigner-Apache Software Foundation
ShareView Details
Matching Score-10
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-64.72% / 99.16%
||
7 Day CHG~0.00%
Published-16 Jun, 2025 | 15:00
Updated-03 Nov, 2025 | 20:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Commons FileUpload, Apache Commons FileUpload: FileUpload DoS via part headers

Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability in Apache Commons FileUpload. This issue affects Apache Commons FileUpload: from 1.0 before 1.6; from 2.0.0-M1 before 2.0.0-M4. Users are recommended to upgrade to versions 1.6 or 2.0.0-M4, which fix the issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-commons_fileuploadApache Commons FileUpload
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2025-48988
Matching Score-10
Assigner-Apache Software Foundation
ShareView Details
Matching Score-10
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-53.28% / 98.87%
||
7 Day CHG-1.60%
Published-16 Jun, 2025 | 14:13
Updated-03 Nov, 2025 | 20:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Tomcat: FileUpload large number of parts with headers DoS

Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.7, from 10.1.0-M1 through 10.1.41, from 9.0.0.M1 through 9.0.105. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 though 8.5.100. Other, older, EOL versions may also be affected. Users are recommended to upgrade to version 11.0.8, 10.1.42 or 9.0.106, which fix the issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-tomcatApache Tomcat
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2020-9494
Matching Score-10
Assigner-Apache Software Foundation
ShareView Details
Matching Score-10
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-3.91% / 89.12%
||
7 Day CHG~0.00%
Published-24 Jun, 2020 | 15:25
Updated-04 Aug, 2024 | 10:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.10, and 8.0.0 to 8.0.7 is vulnerable to certain types of HTTP/2 HEADERS frames that can cause the server to allocate a large amount of memory and spin the thread.

Action-Not Available
Vendor-The Apache Software FoundationDebian GNU/Linux
Product-debian_linuxtraffic_serverApache Traffic Server
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2020-13950
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-49.09% / 98.75%
||
7 Day CHG~0.00%
Published-10 Jun, 2021 | 07:10
Updated-04 Aug, 2024 | 12:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
mod_proxy_http NULL pointer dereference

Apache HTTP Server versions 2.4.41 to 2.4.46 mod_proxy_http can be made to crash (NULL pointer dereference) with specially crafted requests using both Content-Length and Transfer-Encoding headers, leading to a Denial of Service

Action-Not Available
Vendor-The Apache Software FoundationFedora ProjectDebian GNU/LinuxOracle Corporation
Product-http_serverdebian_linuxinstantis_enterprisetrackfedorazfs_storage_appliance_kitenterprise_manager_ops_centerApache HTTP Server
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2025-54472
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-1.20% / 64.78%
||
7 Day CHG~0.00%
Published-14 Aug, 2025 | 09:05
Updated-04 Nov, 2025 | 22:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache bRPC: Redis Parser Remote Denial of Service

Unlimited memory allocation in redis protocol parser in Apache bRPC (all versions < 1.14.1) on all platforms allows attackers to crash the service via network. Root Cause: In the bRPC Redis protocol parser code, memory for arrays or strings of corresponding sizes is allocated based on the integers read from the network. If the integer read from the network is too large, it may cause a bad alloc error and lead to the program crashing. Attackers can exploit this feature by sending special data packets to the bRPC service to carry out a denial-of-service attack on it. The bRPC 1.14.0 version tried to fix this issue by limited the memory allocation size, however, the limitation checking code is not well implemented that may cause integer overflow and evade such limitation. So the 1.14.0 version is also vulnerable, although the integer range that affect version 1.14.0 is different from that affect version < 1.14.0. Affected scenarios: Using bRPC as a Redis server to provide network services to untrusted clients, or using bRPC as a Redis client to call untrusted Redis services. How to Fix: we provide two methods, you can choose one of them: 1. Upgrade bRPC to version 1.14.1. 2. Apply this patch ( https://github.com/apache/brpc/pull/3050 ) manually. No matter you choose which method, you should note that the patch limits the maximum length of memory allocated for each time in the bRPC Redis parser. The default limit is 64M. If some of you redis request or response have a size larger than 64M, you might encounter error after upgrade. For such case, you can modify the gflag redis_max_allocation_size to set a larger limit.

Action-Not Available
Vendor-The Apache Software Foundation
Product-brpcApache bRPC
CWE ID-CWE-190
Integer Overflow or Wraparound
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2025-53506
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-1.90% / 77.34%
||
7 Day CHG~0.00%
Published-10 Jul, 2025 | 19:14
Updated-04 Nov, 2025 | 22:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Tomcat: DoS via excessive h2 streams at connection start

Uncontrolled Resource Consumption vulnerability in Apache Tomcat if an HTTP/2 client did not acknowledge the initial settings frame that reduces the maximum permitted concurrent streams. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.8, from 10.1.0-M1 through 10.1.42, from 9.0.0.M1 through 9.0.106. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 through 8.5.100. Other EOL versions may also be affected. Users are recommended to upgrade to version 11.0.9, 10.1.43 or 9.0.107, which fix the issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-tomcatApache Tomcat
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2025-53477
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-0.70% / 48.91%
||
7 Day CHG~0.00%
Published-10 Jan, 2026 | 09:45
Updated-14 Jan, 2026 | 17:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Mynewt NimBLE: NULL Pointer Dereference in NimBLE host HCI layer

NULL Pointer Dereference vulnerability in Apache Nimble. Missing validation of HCI connection complete or HCI command TX buffer could lead to NULL pointer dereference. This issue requires disabled asserts and broken or bogus Bluetooth controller and thus severity is considered low. This issue affects Apache NimBLE: through 1.8.0. Users are recommended to upgrade to version 1.9.0, which fixes the issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-nimbleApache Mynewt NimBLE
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2025-53020
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-4.41% / 90.25%
||
7 Day CHG~0.00%
Published-10 Jul, 2025 | 16:59
Updated-04 Nov, 2025 | 22:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache HTTP Server: HTTP/2 DoS by Memory Increase

Late Release of Memory after Effective Lifetime vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: from 2.4.17 up to 2.4.63. Users are recommended to upgrade to version 2.4.64, which fixes the issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-http_serverApache HTTP Server
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2025-52434
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-1.82% / 76.33%
||
7 Day CHG~0.00%
Published-10 Jul, 2025 | 19:03
Updated-04 Nov, 2025 | 22:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Tomcat: APR/Native Connector crash leading to DoS

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in Apache Tomcat when using the APR/Native connector. This was particularly noticeable with client initiated closes of HTTP/2 connections. This issue affects Apache Tomcat: from 9.0.0.M1 through 9.0.106. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 through 8.5.100. Other, older, EOL versions may also be affected. Users are recommended to upgrade to version 9.0.107, which fixes the issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-tomcatApache Tomcat
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2023-31122
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-2.98% / 85.76%
||
7 Day CHG~0.00%
Published-23 Oct, 2023 | 06:51
Updated-01 Aug, 2025 | 02:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache HTTP Server: mod_macro buffer over-read

Out-of-bounds Read vulnerability in mod_macro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57.

Action-Not Available
Vendor-Debian GNU/LinuxThe Apache Software FoundationFedora Project
Product-fedorahttp_serverdebian_linuxApache HTTP Server
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-52520
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-1.96% / 78.09%
||
7 Day CHG~0.00%
Published-10 Jul, 2025 | 19:05
Updated-04 Nov, 2025 | 22:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Tomcat: DoS via integer overflow in multipart file upload

For some unlikely configurations of multipart upload, an Integer Overflow vulnerability in Apache Tomcat could lead to a DoS via bypassing of size limits. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.8, from 10.1.0-M1 through 10.1.42, from 9.0.0.M1 through 9.0.106. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 through 8.5.100. Other, older, EOL versions may also be affected. Users are recommended to upgrade to version 11.0.9, 10.1.43 or 9.0.107, which fix the issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-tomcatApache Tomcat
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2023-30631
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-2.00% / 78.58%
||
7 Day CHG~0.00%
Published-14 Jun, 2023 | 07:44
Updated-13 Feb, 2025 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Traffic Server: Configuration option to block the PUSH method in ATS didn't work

Improper Input Validation vulnerability in Apache Software Foundation Apache Traffic Server.  The configuration option proxy.config.http.push_method_enabled didn't function.  However, by default the PUSH method is blocked in the ip_allow configuration file.This issue affects Apache Traffic Server: from 8.0.0 through 9.2.0. 8.x users should upgrade to 8.1.7 or later versions 9.x users should upgrade to 9.2.1 or later versions

Action-Not Available
Vendor-Debian GNU/LinuxFedora ProjectThe Apache Software Foundation
Product-fedoratraffic_serverdebian_linuxApache Traffic Server
CWE ID-CWE-20
Improper Input Validation
CVE-2023-28709
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-51.55% / 98.82%
||
7 Day CHG~0.00%
Published-22 May, 2023 | 10:08
Updated-13 Feb, 2025 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Tomcat: Fix for CVE-2023-24998 is incomplete

The fix for CVE-2023-24998 was incomplete for Apache Tomcat 11.0.0-M2 to 11.0.0-M4, 10.1.5 to 10.1.7, 9.0.71 to 9.0.73 and 8.5.85 to 8.5.87. If non-default HTTP connector settings were used such that the maxParameterCount could be reached using query string parameters and a request was submitted that supplied exactly maxParameterCount parameters in the query string, the limit for uploaded request parts could be bypassed with the potential for a denial of service to occur.

Action-Not Available
Vendor-NetApp, Inc.Debian GNU/LinuxThe Apache Software Foundation
Product-debian_linux7-mode_transition_tooltomcatApache Tomcat
CWE ID-CWE-193
Off-by-one Error
CVE-2025-49763
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-0.63% / 46.27%
||
7 Day CHG~0.00%
Published-19 Jun, 2025 | 10:07
Updated-01 Jul, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Traffic Server: Remote DoS via memory exhaustion in ESI Plugin

ESI plugin does not have the limit for maximum inclusion depth, and that allows excessive memory consumption if malicious instructions are inserted. Users can use a new setting for the plugin (--max-inclusion-depth) to limit it. This issue affects Apache Traffic Server: from 10.0.0 through 10.0.5, from 9.0.0 through 9.2.10. Users are recommended to upgrade to version 9.2.11 or 10.0.6, which fixes the issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-traffic_serverApache Traffic Server
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-26464
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-1.91% / 77.41%
||
7 Day CHG~0.00%
Published-10 Mar, 2023 | 13:38
Updated-13 Feb, 2025 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Log4j 1.x (EOL) allows DoS in Chainsaw and SocketAppender

** UNSUPPORTED WHEN ASSIGNED ** When using the Chainsaw or SocketAppender components with Log4j 1.x on JRE less than 1.7, an attacker that manages to cause a logging entry involving a specially-crafted (ie, deeply nested) hashmap or hashtable (depending on which logging component is in use) to be processed could exhaust the available memory in the virtual machine and achieve Denial of Service when the object is deserialized. This issue affects Apache Log4j before 2. Affected users are recommended to update to Log4j 2.x. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

Action-Not Available
Vendor-The Apache Software Foundation
Product-log4jApache Log4jlog4j
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2023-26513
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-1.46% / 70.73%
||
7 Day CHG~0.00%
Published-20 Mar, 2023 | 12:20
Updated-13 Feb, 2025 | 14:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Sling Resource Merger: Requests to certain paths managed by the Apache Sling Resource Merger can lead to DoS

Excessive Iteration vulnerability in Apache Software Foundation Apache Sling Resource Merger.This issue affects Apache Sling Resource Merger: from 1.2.0 before 1.4.2.

Action-Not Available
Vendor-The Apache Software Foundation
Product-sling_resource_mergerApache Sling Resource Merger
CWE ID-CWE-834
Excessive Iteration
CVE-2021-41585
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-2.41% / 82.23%
||
7 Day CHG~0.00%
Published-03 Nov, 2021 | 15:20
Updated-04 Aug, 2024 | 03:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ATS stops accepting connections on FreeBSD

Improper Input Validation vulnerability in accepting socket connections in Apache Traffic Server allows an attacker to make the server stop accepting new connections. This issue affects Apache Traffic Server 5.0.0 to 9.1.0.

Action-Not Available
Vendor-The Apache Software Foundation
Product-traffic_serverApache Traffic Server
CWE ID-CWE-20
Improper Input Validation
CVE-2023-25692
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-1.83% / 76.41%
||
7 Day CHG~0.00%
Published-24 Feb, 2023 | 11:48
Updated-11 Mar, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Airflow Google Provider: Google Cloud Sql Provider Denial Of Service

Improper Input Validation vulnerability in the Apache Airflow Google Provider. This issue affects Apache Airflow Google Provider versions before 8.10.0.

Action-Not Available
Vendor-The Apache Software Foundation
Product-apache-airflow-providers-googleApache Airflow Google Provider
CWE ID-CWE-20
Improper Input Validation
CVE-2021-41561
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-3.05% / 86.09%
||
7 Day CHG~0.00%
Published-20 Dec, 2021 | 11:20
Updated-04 Aug, 2024 | 03:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Parquet-MR potential DoS in case of malicious Parquet file

Improper Input Validation vulnerability in Parquet-MR of Apache Parquet allows an attacker to DoS by malicious Parquet files. This issue affects Apache Parquet-MR version 1.9.0 and later versions.

Action-Not Available
Vendor-The Apache Software Foundation
Product-parquet-mrApache Parquet
CWE ID-CWE-20
Improper Input Validation
CVE-2016-6817
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-7.19% / 93.60%
||
7 Day CHG~0.00%
Published-10 Aug, 2017 | 22:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The HTTP/2 header parser in Apache Tomcat 9.0.0.M1 to 9.0.0.M11 and 8.5.0 to 8.5.6 entered an infinite loop if a header was received that was larger than the available buffer. This made a denial of service attack possible.

Action-Not Available
Vendor-The Apache Software Foundation
Product-tomcatApache Tomcat
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2025-48392
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-0.56% / 43.02%
||
7 Day CHG~0.00%
Published-24 Sep, 2025 | 07:59
Updated-04 Nov, 2025 | 22:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache IoTDB: DoS Vulnerability

A vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.3.3 through 1.3.4, from 2.0.1-beta through 2.0.4. Users are recommended to upgrade to version 2.0.5, which fixes the issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-iotdbApache IoTDB
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2025-48431
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-1.08% / 61.33%
||
7 Day CHG~0.00%
Published-28 Apr, 2026 | 09:11
Updated-15 Jul, 2026 | 02:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Thrift: Specially crafted input can crash a c_glib Thrift server with invalid pointer error.

Mismatched Memory Management Routines vulnerability in Apache Thrift c_glib language bindings. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue. Description: Specially crafted requests can crash an c_glib-based Thrift server with a clean but fatal "free(): invalid pointer" error message.

Action-Not Available
Vendor-Red Hat, Inc.The Apache Software Foundation
Product-thriftApache ThriftOpenShift Service Mesh 2Cryostat 4 on RHEL 9Red Hat OpenStack Platform 18.0Red Hat Advanced Cluster Management for Kubernetes 2.15Red Hat Advanced Cluster Management for Kubernetes 2.16Red Hat AI Inference ServerRed Hat Ceph Storage 5Red Hat Advanced Cluster Management for Kubernetes 2Red Hat Advanced Cluster Management for Kubernetes 2.14Multicluster Global HubRed Hat OpenShift distributed tracing 3.10.1Red Hat OpenShift distributed tracing 3Red Hat Enterprise Linux 8Red Hat Ceph Storage 9Red Hat Ceph Storage 8Red Hat Ceph Storage 6Red Hat OpenShift AI (RHOAI)Red Hat OpenShift Container Platform 4
CWE ID-CWE-762
Mismatched Memory Management Routines
CWE ID-CWE-763
Release of Invalid Pointer or Reference
CVE-2021-32566
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-2.51% / 83.03%
||
7 Day CHG~0.00%
Published-30 Jun, 2021 | 07:15
Updated-03 Aug, 2024 | 23:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Specific sequence of HTTP/2 frames can cause ATS to crash

Improper Input Validation vulnerability in HTTP/2 of Apache Traffic Server allows an attacker to DOS the server. This issue affects Apache Traffic Server 7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1.

Action-Not Available
Vendor-The Apache Software FoundationDebian GNU/Linux
Product-debian_linuxtraffic_serverApache Traffic Server
CWE ID-CWE-20
Improper Input Validation
CVE-2022-47185
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-1.49% / 71.26%
||
7 Day CHG~0.00%
Published-09 Aug, 2023 | 06:57
Updated-13 Feb, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Traffic Server: Invalid Range header causes a crash

Improper input validation vulnerability on the range header in Apache Software Foundation Apache Traffic Server.This issue affects Apache Traffic Server: through 9.2.1.

Action-Not Available
Vendor-The Apache Software Foundation
Product-traffic_serverApache Traffic Servertraffic_server
CWE ID-CWE-20
Improper Input Validation
CVE-2025-31650
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-66.93% / 99.22%
||
7 Day CHG~0.00%
Published-28 Apr, 2025 | 19:14
Updated-03 Nov, 2025 | 20:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Tomcat: DoS via malformed HTTP/2 PRIORITY_UPDATE frame

Improper Input Validation vulnerability in Apache Tomcat. Incorrect error handling for some invalid HTTP priority headers resulted in incomplete clean-up of the failed request which created a memory leak. A large number of such requests could trigger an OutOfMemoryException resulting in a denial of service. This issue affects Apache Tomcat: from 9.0.76 through 9.0.102, from 10.1.10 through 10.1.39, from 11.0.0-M2 through 11.0.5. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.90 though 8.5.100. Users are recommended to upgrade to version 9.0.104, 10.1.40 or 11.0.6 which fix the issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-tomcatApache Tomcat
CWE ID-CWE-459
Incomplete Cleanup
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 21
  • 22
  • Next
Details not found