BaseIncomplete

CWE-409Improper Handling of Highly Compressed Data (Data Amplification)

Category: other

Description

The product does not handle or incorrectly handles a compressed input with a very high compression ratio that produces a large output. An example of data amplification is a "decompression bomb," a small ZIP file that can produce a large amount of data when it is decompressed.

Common consequences· 1

  • Availability — DoS: Amplification, DoS: Crash, Exit, or Restart, DoS: Resource Consumption (CPU), DoS: Resource Consumption (Memory)
    System resources, CPU and memory, can be quickly consumed. This can lead to poor system performance or system crash.

References

  1. https://cwe.mitre.org/data/definitions/409.html

(incoming)1

TypeTargetConfidenceTier
VulnerabilityCVE-2026-27809cve-2026-278090%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CWE
Improper Handling of Mixed Encoding
CWE
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE
Insufficient Control of Network Message Volume (Network Amplification)
CWE
Asymmetric Resource Consumption (Amplification)
CWE
Collapse of Data into Unsafe Value
CWE
Improper Verification of Cryptographic Signature
Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.