JLSEC-2025-16 An issue was discovered in cairo 1.16.0
An issue was discovered in cairo 1.16.0. There is an infinite loop in the function _arc_error_normalized in the file cairo-arc.c, related to _arc_max_angle_for_tolerance_normalized...
RLSA-2025:15007 Moderate: python3.12 security update
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...
RLSA-2025:15019 Moderate: python3.9 security update
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...
python3.11 security update
An update is available for python3.11. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Python is an interpreted, interactive, object-oriented programming languag...
RLSA-2025:15010 Moderate: python3.11 security update
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...
RockyLinux 9 : python3.12 (RLSA-2025:15007)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:15007 advisory. cpython: Cpython infinite loop when parsing a tarfile CVE-2025-8194 Tenable has extracted the preceding description block directly from the RockyLinux security...
RockyLinux 9 : python3.9 (RLSA-2025:15019)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:15019 advisory. cpython: Cpython infinite loop when parsing a tarfile CVE-2025-8194 Tenable has extracted the preceding description block directly from the RockyLinux security...
RockyLinux 9 : python3.11 (RLSA-2025:15010)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:15010 advisory. cpython: Cpython infinite loop when parsing a tarfile CVE-2025-8194 Tenable has extracted the preceding description block directly from the RockyLinux security...
Improper Validation of Syntactic Correctness of Input
Overview Affected versions of this package are vulnerable to Improper Validation of Syntactic Correctness of Input via the LoadBlob function. An attacker can cause the application to enter an infinite loop and exhaust system resources by submitting specially crafted text input that triggers...
EUVD-2025-33578
Amazon.IonDotnet is vulnerable to Denial of Service attacks...
Amazon.IonDotnet is vulnerable to Denial of Service attacks
Summary Amazon.IonDotnet is a library for the Dotnet language that is used to read and write Amazon Ion data. An issue exists where, under certain circumstances, the library could enter an infinite loop, resulting in denial of service. As of August 20, 2025, this library has been deprecated and will no...
Security Bulletin: IBM Storage Ceph is vulnerable to an Infinite Loop in Grafana (CVE-2024-24786)
Summary Grafana is used by IBM Storage Ceph as a metrics dashboard. CVE-2024-24786 This bulletin identifies the steps to take to address the vulnerability in Grafana. Vulnerability Details CVEID:CVE-2024-24786 DESCRIPTION: The protojson.Unmarshal function can enter an infinite loop when...
CVE-2025-11573
An infinite loop issue in Amazon.IonDotnet library versions <v1.3.2 may allow a threat actor to cause a denial of service through a specially crafted text input. To mitigate this issue, users should upgrade to version v1.3.2. As of August 20, 2025, this library has been deprecated and will not...
CVE-2025-11573 Denial of Service issue in Amazon.IonDotnet
An infinite loop issue in Amazon.IonDotnet library versions <v1.3.2 may allow a threat actor to cause a denial of service through a specially crafted text input. To mitigate this issue, users should upgrade to version v1.3.2. As of August 20, 2025, this library has been deprecated and will not...
CVE-2025-11573
CVE-2025-11573 affects Amazon.IonDotnet library. Versions earlier than 1.3.2 are vulnerable to an infinite loop triggered by specially crafted text input, leading to denial of service. Remediation is to upgrade to 1.3.2 or higher; the library has been deprecated as of 2025-08-20 and will not rece...
PT-2025-41447
Name of the Vulnerable Software and Affected Versions Amazon.IonDotnet versions prior to 1.3.2 Description An infinite loop issue exists in the Amazon.IonDotnet library that could allow an attacker to cause a denial of service by providing a specially crafted text input. The library has been...
AlmaLinux 10 : python3.12 (ALSA-2025:14984)
The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:14984 advisory. cpython: Cpython infinite loop when parsing a tarfile CVE-2025-8194 Tenable has extracted the preceding description block directly from the AlmaLinux security...
Wireshark 4.2.x < 4.2.14 A Vulnerability
The version of Wireshark installed on the remote Windows host is prior to 4.2.14. It is, therefore, affected by a vulnerability as referenced in the wireshark-4.2.14 advisory. - MONGO dissector infinite loop in Wireshark 4.4.0 to 4.4.9 and 4.2.0 to 4.2.13 allows denial of service CVE-2025-11626...