CVE-2025-0986

MEDIUM Year: 2025
CVSS v3 Score
4.5
Medium
Weakness Type
CWE-409
View all →

Vulnerability Description

IBM PowerVM Hypervisor FW1050.00 through FW1050.30 and FW1060.00 through FW1060.20 could allow a local user, under certain Linux processor combability mode configurations, to cause undetected data loss or errors when performing gzip compression using HW acceleration.

Related Vulnerabilities

CVE-2024-28180

MEDIUM
CVSS:4.3(Medium)

Package jose aims to provide an implementation of the Javascript Object Signing and Encryption set of standards. An attacker could send a JWE containing compressed data that used large amounts of memo...

CWE-4092024

CVE-2024-54016

MEDIUM
CVSS:4.3(Medium)

Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in Apache Seata (incubating). This issue affects Apache Seata (incubating): through <=2.2.0. Users are recommended to upg...

CWE-4092024

CVE-2023-26483

MEDIUM
CVSS:5.3(Medium)

gosaml2 is a Pure Go implementation of SAML 2.0. SAML Service Providers using this library for SAML authentication support are likely susceptible to Denial of Service attacks. A bug in this library en...

CWE-4092023

CVE-2022-37439

MEDIUM
CVSS:5.5(Medium)

In Splunk Enterprise and Universal Forwarder versions in the following table, indexing a specially crafted ZIP file using the file monitoring input can result in a crash of the application. Attempts t...

CWE-4092022

CVE-2017-16129

MEDIUM
CVSS:5.9(Medium)

The HTTP client module superagent is vulnerable to ZIP bomb attacks. In a ZIP bomb attack, the HTTP server replies with a compressed response that becomes several magnitudes larger once uncompressed. ...

CWE-4092017

CVE-2024-28101

HIGH
CVSS:7.5(High)

The Apollo Router is a graph router written in Rust to run a federated supergraph that uses Apollo Federation. Versions 0.9.5 until 1.40.2 are subject to a Denial-of-Service (DoS) type vulnerability. ...

CWE-4092024