11150 matches found
can: mcp251xfd: fix infinite loop when xmit fails
...
PT-2024-35361
Name of the Vulnerable Software and Affected Versions: GNOME libsoup versions prior to 3.6.1 Description: The issue is related to an infinite loop and memory consumption during the reading of certain patterns of WebSocket data from clients. Recommendations: For versions prior to 3.6.1, update to...
ROS-20240910-01
A vulnerability in the HAProxy server software is related to entering an infinite loop when given certain input data. of certain inputs. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service...
OESA-2024-2119 python3 security update
Python combines remarkable power with very clear syntax. It has modules, classes, exceptions, very high level dynamic data types, and dynamic typing. There are interfaces to many system calls and libraries, as well as to various windowing systems. New built-in modules are easily written in C or C...
The vulnerability of the server software HAProxy lies in its ability to enter an infinite loop when processing certain input data, allowing a hacker to cause a service failure.
The vulnerability of the server software HAProxy is related to its ability to enter an infinite loop when certain input data is provided. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
github.com/jaraco/zipp: Denial of Service (infinite loop) via crafted zip file in jaraco/zipp
A flaw was found in jaraco/zipp. The vulnerability is triggered when processing a specially crafted zip file that leads to an infinite loop. This issue also impacts the zipfile module of CPython, as features from the third-party zipp library are later merged into CPython, and the affected code is...
SUSE SLES15: kubernetes1.27-apiserver / kubernetes1.27-client / etc (SUSE-SU-2024:3098-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3098-1 advisory. Update kubernetes to version 1.27.16 - CVE-2024-24786: Fixed infinite loop in protojson.Unmarshal in golang-protobuf...
Security Bulletin: Vulnerability in Apache Commons Compress affects watsonx.data
Summary Apache Commons Compress is vulnerable to a denial of service. For CVE-2021-35515, when reading a specially crafted 7Z archive, the construction of the list of codecs that decompress an entry can result in an infinite loop. For CVE-2021-35516, when reading a specially crafted 7Z archive,...
python: cpython: Iterating over a malicious ZIP file may lead to Denial of Service
A flaw was found in Python's zipfile module. When iterating over the entries of a zip archive, the process can enter into an infinite loop state and become unresponsive. This flaw allows an attacker to craft a malicious ZIP archive, leading to a denial of service from the application consuming th...
golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON
A flaw was found in Golang's protobuf module, where the unmarshal function can enter an infinite loop when processing certain invalid inputs. This issue occurs during unmarshaling into a message that includes a google.protobuf.Any or when the UnmarshalOptions.DiscardUnknown option is enabled. Thi...
golang: net: malformed DNS message can cause infinite loop
A flaw was found in the net package of the Go stdlib. When a malformed DNS message is received as a response to a query, the Lookup functions within the net package can get stuck in an infinite loop. This issue can lead to resource exhaustion and denial of service DoS conditions...
kernel: net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc()
A vulnerability was found in the Linux kernel's networking subsystem in the actapi implementation within the tcfidrcheckalloc function, which lead to a possible infinite loop when multiple actions with the same index are added, causing the second request to block indefinitely while holding the...
kernel: net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc()
A vulnerability was found in the Linux kernel's networking subsystem in the actapi implementation within the tcfidrcheckalloc function, which lead to a possible infinite loop when multiple actions with the same index are added, causing the second request to block indefinitely while holding the...
[SECURITY] [DLA 3865-1] frr security update
Debian LTS Advisory DLA-3865-1 [email protected] https://www.debian.org/lts/security/ Tobias Frost September 03, 2024 https://wiki.debian.org/LTS Package : frr Version : 7.5.1-1.1+deb11u3 CVE ID : CVE-2022-26125 CVE-2022-26126 CVE-2022-26127 CVE-2022-26128 CVE-2022-26129 CVE-2022-37035...
CBL Mariner 2.0 Security Update: edk2 / openssl (CVE-2022-0778)
The version of edk2 / openssl installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-0778 advisory. - The BNmodsqrt function, which computes a modular square root, contains a bug that can cause it to loo...
Uncontrolled Recursion
@apollo/gateway and @apollo/query-planner are vulnerable to Uncontrolled Recursion. The vulnerability is due to the query planner potentially entering an infinite loop when processing sufficiently complex queries, leading to unbounded memory consumption and possible system crashes...
python: cpython: Iterating over a malicious ZIP file may lead to Denial of Service
A flaw was found in Python's zipfile module. When iterating over the entries of a zip archive, the process can enter into an infinite loop state and become unresponsive. This flaw allows an attacker to craft a malicious ZIP archive, leading to a denial of service from the application consuming th...
Python Multiple Vulnerabilities (Aug 2024) - Windows
Python is prone to an infinite loop vulnerability leading to a denial of service DoS. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Python Multiple Vulnerabilities (Aug 2024) - Linux
Python is prone to an infinite loop vulnerability leading to a denial of service DoS. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Python Multiple Vulnerabilities (Aug 2024) - Mac OS X
Python is prone to an infinite loop vulnerability leading to a denial of service DoS. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...