VYPR

rpm package

almalinux/brotli-devel

pkg:rpm/almalinux/brotli-devel

Vulnerabilities (2)

  • CVE-2025-6176HigOct 31, 2025
    affected < 1.1.0-7.el10_1fixed 1.1.0-7.el10_1

    Scrapy versions up to 2.13.2 are vulnerable to a denial of service (DoS) attack due to a flaw in its brotli decompression implementation. The protection mechanism against decompression bombs fails to mitigate the brotli variant, allowing remote servers to crash clients with less

  • CVE-2020-8927Sep 15, 2020
    affected < 1.0.6-3.el8fixed 1.0.6-3.el8

    A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to upda