CVE-2025-11579

ADVISORY - github

Summary

rardecode versions <= 2.1.1 do not restrict the dictionary size when reading RAR files that declare large dictionary sizes. An attacker can supply a specially crafted RAR file and cause a denial of service through an out-of-memory crash.

EPSS Score: 0.00019 (0.045)

Common Weakness Enumeration (CWE)

ADVISORY - nist

Memory Allocation with Excessive Size Value

ADVISORY - github

Memory Allocation with Excessive Size Value

ADVISORY - redhat

Memory Allocation with Excessive Size Value

