CVE Vulnerabilities

CVE-2024-55909

Improper Handling of Highly Compressed Data (Data Amplification)

Published: May 02, 2025 | Modified: May 02, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

IBM Concert Software 1.0.0 through 1.0.5 could allow an authenticated user to cause a denial of service due to the expansion of archive files without controlling resource consumption.

Weakness

The product does not handle or incorrectly handles a compressed input with a very high compression ratio that produces a large output.

References