11151 matches found
golang: net: malformed DNS message can cause infinite loop
A flaw was found in the net package of the Go stdlib. When a malformed DNS message is received as a response to a query, the Lookup functions within the net package can get stuck in an infinite loop. This issue can lead to resource exhaustion and denial of service (DoS) conditions...
Denial Of Service (DoS)
github.com/wcharczuk/go-chart is vulnerable to Denial of Service (DoS). The vulnerability is due to an infinite loop when executing the drawCanvas function with a StackedBarChart containing a long name value. If the name value originates from untrusted input, an attacker can cause an infinite loop...
openSUSE Security Advisory (SUSE-SU-2024:2584-1)
The remote host is missing an update for the...
CVE-2024-40060
go-chart v2.1.1 was discovered to contain an infinite loop via the drawCanvas function...
Infinite Loop
GPAC is vulnerable to an Infinite Loop. The vulnerability is due to an infinite loop caused by the function isoffin_process in the file src/filters/isoffin_read.c. An attacker can cause the application to enter an infinite loop by manipulating the input data, which could lead to a Denial of Service...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : libgit2 (SUSE-SU-2024:2584-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2584-1 advisory. Update to 1.7.2: Security fixes: - CVE-2024-24577: Fixed arbitrary code execution due to heap...
PT-2024-28769 · Go-Chart · Go-Chart
Name of the Vulnerable Software and Affected Versions: go-chart version 2.1.1 Description: The issue is related to an infinite loop in the drawCanvas function. This function is part of the go-chart library and is used for rendering charts. The infinite loop can cause the program to consume...
go-chart security vulnerability
go-chart is a very simple Go-native charting library by individual developer Will Charczuk. A security vulnerability exists in go-chart version v2.1.1, which stems from an infinite loop in the drawCanvas function...
CVE-2024-40060
CVE-2024-40060 affects go-chart v2.1.1. The vulnerability is an infinite loop in the drawCanvas() function, which can cause a Denial of Service when a long name value is processed (noted in the Veracode entry and related advisories). Exploitation details are limited in the provided documents; one...
SUSE SLES12: java-11-openjdk / java-11-openjdk-demo / java-11-openjdk-devel / etc (SUSE-SU-2024:2590-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2590-1 advisory. Updated to version 11.0.24+8 (July 2024 CPU): - CVE-2024-21131: Fixed a potential UTF8 size overflow (bsc#1228046). - CVE-2024-21138:...
CVE-2024-6638
An integer overflow vulnerability due to improper input validation when reading TDMS files in LabVIEW may result in an infinite loop. Successful exploitation requires an attacker to provide a user with a specially crafted TDMS file. This vulnerability affects LabVIEW 2024 Q1 and prior versions...
CVE-2024-6638
CVE-2024-6638 affects LabVIEW 2024 Q1 and earlier versions. The issue is an integer overflow in the TDMS file reader caused by improper input validation, which can lead to an infinite loop. Exploitation requires a user to open a specially crafted TDMS file and is a local, user-interaction-based v...
Security Bulletin: Security vulnerabilities may affect Go packages that are shipped with IBM CICS TX Advanced.
Summary: Security vulnerabilities may affect Go packages that are shipped with IBM CICS TX Advanced. IBM CICS TX Advanced has addressed the issues. Vulnerability Details: CVEID: CVE-2023-45288. DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by a memory exhaustion flaw due to floo...
SUSE-SU-2024:2590-1 Security update for java-11-openjdk
This update for java-11-openjdk fixes the following issues: Updated to version 11.0.24+8 (July 2024 CPU): - CVE-2024-21131: Fixed a potential UTF8 size overflow (bsc#1228046). - CVE-2024-21138: Fixed an infinite loop due to excessive symbol length (bsc#1228047). - CVE-2024-21140: Fixed a pre-loop limit...
SUSE-SU-2024:2584-1 Security update for libgit2
This update for libgit2 fixes the following issues: Update to 1.7.2: Security fixes: - CVE-2024-24577: Fixed arbitrary code execution due to heap corruption in git_index_add (bsc#1219660) - CVE-2024-24575: Fixed potential infinite loop condition in git_revparse_single (bsc#1219664) Other fixes: - A bug in...
SUSE-SU-2024:2578-1 Security update for java-21-openjdk
This update for java-21-openjdk fixes the following issues: Updated to version 21.0.4+7 (July 2024 CPU): - CVE-2024-21131: Fixed a potential UTF8 size overflow (bsc#1228046). - CVE-2024-21138: Fixed an infinite loop due to excessive symbol length (bsc#1228047). - CVE-2024-21140: Fixed a pre-loop limit...
Medium: python3.11-setuptools
Issue Overview: A Denial of Service (DoS) vulnerability exists in the jaraco/zipp library, affecting all versions prior to 3.19.1. The vulnerability is triggered when processing a specially crafted zip file that leads to an infinite loop. This issue also impacts the zipfile module of CPython, as...