Vulnerability in Ninenines Cowlib

CVE-2026-43970

Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in ninenines cowlib allows unauthenticated remote denial of service via memory exhaustion. cow_spdy:inflate/2 in cowlib passes peer-supplied compressed bytes d…

EPSS: 0.002 (39.8th percentile) — read the EPSS interpretation.

Affected products

Ninenines Cowlib — versions 0.1.0, fad5c0049df278cc498b6cdb519b09e845a070a8

Weakness classification (CWE)

CWE-409 — Improper Handling of Highly Compressed Data (Data Amplification)

References

6b3ad84c-e1a6-4bf7-a703-f496b71e49db (related, third-party-advisory)
6b3ad84c-e1a6-4bf7-a703-f496b71e49db (patch)
6b3ad84c-e1a6-4bf7-a703-f496b71e49db (related)