CWE•Base•Incomplete•15 recent CVEs

CWE-409Improper Handling of Highly Compressed Data (Data Amplification)

Description

The product does not handle or incorrectly handles a compressed input with a very high compression ratio that produces a large output.

An example of data amplification is a "decompression bomb," a small ZIP file that can produce a large amount of data when it is decompressed.

Common consequences

Availability→DoS: Amplification,DoS: Crash, Exit, or Restart,DoS: Resource Consumption (CPU),DoS: Resource Consumption (Memory)
System resources, CPU and memory, can be quickly consumed. This can lead to poor system performance or system crash.

Related CWEs

CWE-405Asymmetric Resource Consumption (Amplification)

Recent CVEs classified under this CWE

CVE-2026-534302026-06-15 CVE-2026-497552026-06-08 CVE-2026-107257.52026-06-06 CVE-2026-485942026-06-02 CVE-2026-446978.62026-05-29 CVE-2026-88145.32026-05-19 CVE-2026-439702026-05-13 CVE-2026-444327.52026-05-13 CVE-2026-428864.92026-05-11 CVE-2026-274606.52026-04-10 CVE-2026-401486.52026-04-09 CVE-2026-400367.52026-04-08 CVE-2026-393735.32026-04-07 CVE-2026-25755.32026-03-18 CVE-2026-239435.32026-03-13