nwaples rardecode Denial-of-Service Vulnerability Due to Improper Dictionary Size Handling

Vulnerability

A denial-of-service vulnerability has been identified in nwaples rardecode versions through 2.1.1. The issue arises because the software fails to properly restrict dictionary sizes when processing large RAR files. This flaw allows an attacker to craft a RAR file that, when opened with the affected software, causes excessive memory usage, leading to an out-of-memory crash.

Impact

Exploitation of this vulnerability causes an out-of-memory crash, leading to a denial-of-service condition.

Remediation

Users can upgrade to nwaples rardecode version 2.2.0 or later, where this vulnerability has been addressed.
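
A check for the affected range in a Go project's dependencies, as an added example (not from this advisory or the rardecode project): it scans go.mod text for rardecode requirements older than 2.2.0. The module paths github.com/nwaples/rardecode and its /v2 suffix are assumptions; they do not appear on this page.

```go
package main

import (
	"fmt"
	"strings"
)

// Go module path of rardecode (assumed, not given on the page); v2 adds "/v2".
const modPath = "github.com/nwaples/rardecode"

// isAffected reports whether a go.mod version sorts before 2.2.0, the fixed
// release. Pre-releases and pseudo-versions of 2.2.0 precede the tag, so they
// count as affected; unparsable versions are flagged for manual review.
func isAffected(version string) bool {
	core, _, _ := strings.Cut(strings.TrimPrefix(version, "v"), "+") // drop build metadata
	core, _, hasPre := strings.Cut(core, "-")
	var got [3]int
	if n, _ := fmt.Sscanf(core, "%d.%d.%d", &got[0], &got[1], &got[2]); n != 3 {
		return true
	}
	for i, fixed := range [3]int{2, 2, 0} {
		if got[i] != fixed {
			return got[i] < fixed
		}
	}
	return hasPre
}

// scanGoMod returns "path@version" for each rardecode requirement in the
// go.mod text that is affected. replace directives are not resolved.
func scanGoMod(gomod string) []string {
	var hits []string
	for _, line := range strings.Split(gomod, "\n") {
		f := strings.Fields(strings.Split(line, "//")[0]) // strip comments
		if len(f) > 0 && f[0] == "require" {
			f = f[1:]
		}
		if len(f) != 2 || (f[0] != modPath && f[0] != modPath+"/v2") {
			continue
		}
		if isAffected(f[1]) {
			hits = append(hits, f[0]+"@"+f[1])
		}
	}
	return hits
}

func main() { // the go.mod line below is constructed for illustration
	fmt.Println(scanGoMod("require github.com/nwaples/rardecode/v2 v2.1.1 // indirect\n"))
}
```

Requirements pulled in only through a replace directive or a vendored copy are not covered by this check and need a separate look.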

Added: Oct 10, 2025, 12:18 PM
Updated: Oct 10, 2025, 12:18 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 8.1
remediation: 0.0
relevance: 0.7
threat: 3.2
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.