Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:a:google:brotli:*
  • Search Type: Search All
There are 1 matching records.
Displaying matches 1 through 1.
Vuln ID Summary CVSS Severity
CVE-2020-8927

A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to update your Brotli library to 1.0.8 or later. If one cannot update, we recommend to use the "streaming" API as opposed to the "one-shot" API, and impose chunk size limits.

Published: September 15, 2020; 6:15:12 AM -0400
V3.1: 6.5 MEDIUM
V2.0: 6.4 MEDIUM