Lucene search
K

433 matches found

Veracode
Veracode
added 2023/10/16 6:43 a.m.6 views

Denial Of Service (DoS)

jtidy is vulnerable to Denial of Service DoS. The vulnerability is due to lack of nesting depth checks in the library, which allows an attacker to cause an application crash through a stack overflow by parsing a deeply nested html string...

7.5CVSS7.3AI score0.00866EPSS
Exploits1References5Affected Software1
Veracode
Veracode
added 2023/06/23 6:41 a.m.13 views

Denial Of Service (DoS)

org.hjson, hjson is vulnerable to Denial of Service DoS attacks. A malicious user is able to cause a stack overflow, resulting in an application crash, because the library does not properly check crafted objects with deeply nested structures...

7.5CVSS6.7AI score0.00771EPSS
Exploits1References4Affected Software1
RedHat Linux
RedHat Linux
added 2023/06/19 10:15 a.m.4 views

jackson-databind: use of deeply nested arrays

A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer.deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices...

7.5CVSS6.8AI score0.02656EPSS
Exploits1References4
OSV
OSV
added 2023/06/14 3:30 p.m.3 views

GHSA-W2RR-WVH9-M2M7 JSONUtil vulnerable to stack exhaustion

An issue was discovered JSONUtil through 5.0 that allows attackers to cause a denial of service or other unspecified impacts via crafted objects that deeply nested structures...

7.5CVSS7.1AI score0.00732EPSS
Exploits1References2
OSV
OSV
added 2023/06/14 3:30 p.m.14 views

GHSA-75R3-38RH-PMXV sojo vulnerable to stack exhaustion

An issue was discovered sojo through 1.1.1 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies...

7.5CVSS7.4AI score0.00845EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/06/14 12:0 a.m.4 views

PT-2023-24956

Name of the Vulnerable Software and Affected Versions hjson versions 3.0.0 and earlier Description An issue in hjson allows attackers to cause a denial of service or other unspecified impacts via crafted objects that use cyclic dependencies or have deeply nested structures. Recommendations For...

7.5CVSS7.1AI score0.00771EPSS
Exploits1References12
RedHat Linux
RedHat Linux
added 2023/05/18 9:54 a.m.6 views

jackson-databind: use of deeply nested arrays

A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer.deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices...

7.5CVSS6.8AI score0.02656EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2023/05/16 8:59 a.m.6 views

golang: encoding/gob: stack exhaustion in Decoder.Decode

A flaw was found in golang. When calling Decoder, Decode on a message that contains deeply nested structures, a panic can occur due to stack exhaustion and allows an attacker to impact system availability...

7.5CVSS6.6AI score0.01403EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/05/16 8:59 a.m.5 views

golang: go/parser: stack exhaustion in all Parse* functions

A flaw was found in the golang standard library, go/parser. When calling any Parse functions on the Go source code, which contains deeply nested types or declarations, a panic can occur due to stack exhaustion. This issue allows an attacker to impact system availability...

5.5CVSS6.6AI score0.00863EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2023/05/16 8:59 a.m.6 views

golang: encoding/xml: stack exhaustion in Decoder.Skip

A flaw was found in golang encoding/xml. When calling Decoder, Skip while parsing a deeply nested XML document, a panic can occur due to stack exhaustion and allows an attacker to impact system availability...

7.5CVSS6.6AI score0.01875EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/05/16 8:49 a.m.4 views

golang: encoding/gob: stack exhaustion in Decoder.Decode

A flaw was found in golang. When calling Decoder, Decode on a message that contains deeply nested structures, a panic can occur due to stack exhaustion and allows an attacker to impact system availability...

7.5CVSS6.6AI score0.01403EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/05/16 8:49 a.m.2 views

golang: encoding/xml: stack exhaustion in Decoder.Skip

A flaw was found in golang encoding/xml. When calling Decoder, Skip while parsing a deeply nested XML document, a panic can occur due to stack exhaustion and allows an attacker to impact system availability...

7.5CVSS6.6AI score0.01875EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/05/16 8:49 a.m.5 views

golang: go/parser: stack exhaustion in all Parse* functions

A flaw was found in the golang standard library, go/parser. When calling any Parse functions on the Go source code, which contains deeply nested types or declarations, a panic can occur due to stack exhaustion. This issue allows an attacker to impact system availability...

5.5CVSS6.6AI score0.00863EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2023/05/04 3:59 p.m.5 views

jackson-databind: use of deeply nested arrays

A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer.deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices...

7.5CVSS6.8AI score0.02656EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2023/05/03 3:54 p.m.4 views

jackson-databind: use of deeply nested arrays

A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer.deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices...

7.5CVSS6.8AI score0.02656EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2023/05/03 2:5 p.m.5 views

jackson-databind: use of deeply nested arrays

A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer.deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices...

7.5CVSS6.8AI score0.02656EPSS
Exploits1References4
OSV
OSV
added 2023/03/23 8:32 p.m.3 views

GHSA-493P-PFQ6-5258 json-smart Uncontrolled Recursion vulnerability

Impact Affected versions of net.minidev:json-smart are vulnerable to Denial of Service DoS due to a StackOverflowError when parsing a deeply nested JSON array or object. When reaching a ‘‘ or ‘‘ character in the JSON input, the code parses an array or an object respectively. It was discovered tha...

7.5CVSS5.9AI score0.01119EPSS
Exploits1References10
RedHat Linux
RedHat Linux
added 2023/03/15 7:58 p.m.5 views

golang: encoding/gob: stack exhaustion in Decoder.Decode

A flaw was found in golang. When calling Decoder, Decode on a message that contains deeply nested structures, a panic can occur due to stack exhaustion and allows an attacker to impact system availability...

7.5CVSS6.6AI score0.01403EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/03/08 2:54 p.m.3 views

jackson-databind: use of deeply nested arrays

A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer.deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices...

7.5CVSS6.8AI score0.02656EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2023/03/06 9:1 a.m.5 views

jackson-databind: use of deeply nested arrays

A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer.deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices...

7.5CVSS6.8AI score0.02656EPSS
Exploits1References4
Rows per page
Query Builder