Search for packages
Package details: pkg:pypi/brotli@1.0.6
purl pkg:pypi/brotli@1.0.6
Next non-vulnerable version 1.0.8
Latest non-vulnerable version 1.0.8
Risk 4.0
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-zv7x-wujr-aaaa
Aliases:
BIT-2020-8927
BIT-brotli-2020-8927
BIT-dotnet-2020-8927
BIT-dotnet-sdk-2020-8927
CVE-2020-8927
GHSA-5v8v-66v8-mwm7
PYSEC-2020-29
RUSTSEC-2021-0131
RUSTSEC-2021-0132
A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to update your Brotli library to 1.0.8 or later. If one cannot update, we recommend to use the "streaming" API as opposed to the "one-shot" API, and impose chunk size limits.
1.0.8
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-20T15:54:00.786116+00:00 GitLab Importer Affected by VCID-zv7x-wujr-aaaa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/brotli/CVE-2020-8927.yml 36.1.3
2025-06-03T22:34:49.493856+00:00 GitLab Importer Affected by VCID-zv7x-wujr-aaaa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/brotli/CVE-2020-8927.yml 36.1.0
2025-06-02T22:23:27.766522+00:00 GitLab Importer Affected by VCID-zv7x-wujr-aaaa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/brotli/CVE-2020-8927.yml 36.1.2
2025-04-03T19:59:22.940899+00:00 GitLab Importer Affected by VCID-zv7x-wujr-aaaa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/brotli/CVE-2020-8927.yml 36.0.0
2025-02-18T01:52:53.218241+00:00 GitLab Importer Affected by VCID-zv7x-wujr-aaaa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/brotli/CVE-2020-8927.yml 35.1.0
2024-11-21T00:02:27.278486+00:00 GitLab Importer Affected by VCID-zv7x-wujr-aaaa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/brotli/CVE-2020-8927.yml 35.0.0
2024-11-18T23:51:35.424224+00:00 GitLab Importer Affected by VCID-zv7x-wujr-aaaa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/brotli/CVE-2020-8927.yml 34.3.2
2024-10-17T04:21:45.998017+00:00 GitLab Importer Affected by VCID-zv7x-wujr-aaaa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/brotli/CVE-2020-8927.yml 34.0.2
2024-10-07T18:50:13.472106+00:00 GHSA Importer Affected by VCID-zv7x-wujr-aaaa https://github.com/advisories/GHSA-5v8v-66v8-mwm7 34.0.2
2024-09-22T19:43:43.153310+00:00 GHSA Importer Affected by VCID-zv7x-wujr-aaaa https://github.com/advisories/GHSA-5v8v-66v8-mwm7 34.0.1
2024-09-18T12:03:14.748729+00:00 Pypa Importer Affected by VCID-zv7x-wujr-aaaa https://github.com/pypa/advisory-database/blob/main/vulns/brotli/PYSEC-2020-29.yaml 34.0.1
2024-09-17T22:56:07.685068+00:00 PyPI Importer Affected by VCID-zv7x-wujr-aaaa https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 34.0.1
2024-01-03T18:38:34.374738+00:00 PyPI Importer Affected by VCID-zv7x-wujr-aaaa https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 34.0.0rc1
2024-01-03T18:28:46.323747+00:00 Pypa Importer Affected by VCID-zv7x-wujr-aaaa https://github.com/pypa/advisory-database/blob/main/vulns/brotli/PYSEC-2020-29.yaml 34.0.0rc1