A denial of service vulnerability was discovered in nbdkit 1.12.7, 1.14.1 and 1.15.1. An attacker could connect to the nbdkit service and cause it to perform a large amount of work in initializing backend plugins, by simply opening a connection to the service. This vulnerability could cause resource consumption and degradation of service in nbdkit, depending on the plugins configured on the server-side.
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:LNbdkit Project Nbdkit
APPNbdkit Project< 1.12.71.14.0 – 1.14.1 (bez)1.15.0 – 1.15.1 (bez)Red Hat Enterprise Linux
OSRedhat8.0Red Hat Enterprise Linux Server
OSRedhat7.0Red Hat Virtualization
APPRedhat4.0
Related vulnerabilities
Sudo: eskalacja uprawnień do root poprzez opcję --chroot (CVE-2025-32463)
A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remot...
OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the s...
The RichFaces Framework 3.X through 3.3.4 is vulnerable to Expression Language (EL) injection via the UserReso...
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier allows remote attackers to execute arbi...