CVE-2025-11579: 
Gitleaks vulnerability analysis and mitigation

A vulnerability has been identified in github.com/nwaples/rardecode versions 2.1.1 and earlier, tracked as CVE-2025-11579. The vulnerability was discovered and disclosed on October 10, 2025, affecting the RAR file processing functionality of the software. The issue stems from the application's failure to properly restrict dictionary sizes when processing RAR files (NVD, AttackerKB).

The vulnerability is characterized by the software's failure to restrict dictionary size when reading large RAR dictionary sizes. This has been classified as CWE-789 (Memory Allocation with Excessive Size Value). The vulnerability has received a CVSS v3.1 base score of 5.3 (Medium), with the following vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L. The scoring indicates that the vulnerability can be exploited over the network, requires low attack complexity, needs no privileges or user interaction, and primarily affects availability (NVD, Red Hat).

When exploited, this vulnerability can lead to a Denial of Service condition through an Out Of Memory Crash. The impact is primarily focused on system availability, with no direct effect on confidentiality or integrity of the system (NVD).

According to Red Hat's security advisory, mitigation for this issue is either not available or the currently available options do not meet their Product Security criteria for ease of use, deployment, and stability. Organizations are advised to monitor for updates from the software maintainers (Red Hat).