Important: Red Hat Security Advisory: Kiali 1.73.25 for Red Hat OpenShift Service Mesh 2.6

Kiali 1.73.25 for Red Hat OpenShift Service Mesh 2.6 Kiali 1.73.25, for Red Hat OpenShift Service Mesh 2.6, provides observability for the service mesh by offering a visual representation of the mesh topology and metrics, helping users monitor, trace, and manage efficiently Security Fixes:...

CVE-2025-66031 node-forge ASN.1 Unbounded Recursion

Forge also called node-forge is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This...

Siemens SIMATIC S7-1500 Uncontrolled Recursion (CVE-2020-28196)

MIT Kerberos 5 aka krb5 before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1encode.c support for BER indefinite lengths lacks a recursion limit. This plugin only works with Tenable.ot. Please visit...

openssl: Handling of crafted recursive ASN.1 structures can cause a stack overflow and resulting denial of service

Constructed ASN.1 types with a recursive definition such as can be found in PKCS7 could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so...

openssl: Handling of crafted recursive ASN.1 structures can cause a stack overflow and resulting denial of service

Constructed ASN.1 types with a recursive definition such as can be found in PKCS7 could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so...