10 matches found
Denial Of Service (DoS)
Azle is vulnerable to a Denial Of Service DoS. The vulnerability is due to an infinite loop of timers triggered by the setTimer function, leading to continuous execution and resource exhaustion, which can render the canister unresponsive...
CVE-2025-29776
Azle is a WebAssembly runtime for TypeScript and JavaScript on ICP. Calling setTimer in Azle versions 0.27.0, 0.28.0, and 0.29.0 causes an immediate infinite loop of timers to be executed on the canister, each timer attempting to clean up the global state of the previous timer. The infinite loop...
In Azle, calling `setTimer` causes infinite loop of timers
Impact Calling setTimer in Azle versions 0.27.0, 0.28.0, and 0.29.0 causes an immediate infinite loop of timers to be executed on the canister, each timer attempting to clean up the global state of the previous timer. The infinite loop will occur with any valid invocation of setTimer. Patches The...
GHSA-XC76-5PF9-MX8M In Azle, calling `setTimer` causes infinite loop of timers
Impact Calling setTimer in Azle versions 0.27.0, 0.28.0, and 0.29.0 causes an immediate infinite loop of timers to be executed on the canister, each timer attempting to clean up the global state of the previous timer. The infinite loop will occur with any valid invocation of setTimer. Patches The...
CVE-2025-29776
Azle is a WebAssembly runtime for TypeScript and JavaScript on ICP. Calling setTimer in Azle versions 0.27.0, 0.28.0, and 0.29.0 causes an immediate infinite loop of timers to be executed on the canister, each timer attempting to clean up the global state of the previous timer. The infinite loop...
CVE-2025-29776 Azle calling `setTimer` causes infinite loop of timers
Azle is a WebAssembly runtime for TypeScript and JavaScript on ICP. Calling setTimer in Azle versions 0.27.0, 0.28.0, and 0.29.0 causes an immediate infinite loop of timers to be executed on the canister, each timer attempting to clean up the global state of the previous timer. The infinite loop...
CVE-2025-29776 Azle calling `setTimer` causes infinite loop of timers
Azle is a WebAssembly runtime for TypeScript and JavaScript on ICP. Calling setTimer in Azle versions 0.27.0, 0.28.0, and 0.29.0 causes an immediate infinite loop of timers to be executed on the canister, each timer attempting to clean up the global state of the previous timer. The infinite loop...
CVE-2025-29776
Summary of CVE-2025-29776 (Azle): Azle, a WebAssembly runtime for TypeScript/JavaScript on ICP, is affected when calling setTimer in versions 0.27.0, 0.28.0, or 0.29.0. Each valid setTimer invocation can trigger an immediate infinite loop of timers that attempt to clean up the global state of the...
CVE-2025-29776 Azle calling `setTimer` causes infinite loop of timers
Azle is a WebAssembly runtime for TypeScript and JavaScript on ICP. Calling setTimer in Azle versions 0.27.0, 0.28.0, and 0.29.0 causes an immediate infinite loop of timers to be executed on the canister, each timer attempting to clean up the global state of the previous timer. The infinite loop...
Azle 安全漏洞
Azle is a WebAssembly runtime for TypeScript and JavaScript on ICP open-sourced by Demergent. A security vulnerability exists in Azle versions 0.27.0, 0.28.0, and 0.29.0 that stems from a call to setTimer that may result in an infinite loop...