CVE-2025-38459

CVE-2025-38459: Linux kernel ATM CLIP module vulnerability causing Denial of Service via infinite recursion in clip_push(). Root cause: second ATMARP_MKIP ioctl triggers recursion when vcc->old_push is used after first call; mitigation implemented by checking vcc->user_back (clip_vcc) and u...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an infinite recursive call problem in clippush...

Apache Commons Lang 安全漏洞

Apache Commons Lang is a tool library of the Apache USA Foundation. A security vulnerability exists in Apache Commons Lang versions 2.0 through 2.6 and 3.0 through versions prior to 3.18.0, which stems from the presence of infinite recursion in the ClassUtils.getClass method, which could lead to ...

CVE-2024-42369

matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. A malicious homeserver can craft a room or room structure such that the predecessors form a cycle. The matrix-js-sdk's getRoomUpgradeHistory function will infinitely recurse in this case, causing the code to hang. This...

CVE-2024-2965

A Denial-of-Service DoS vulnerability exists in the SitemapLoader class of the langchain-ai/langchain repository, affecting all versions. The parsesitemap method, responsible for parsing sitemaps and extracting URLs, lacks a mechanism to prevent infinite recursion when a sitemap URL refers to the...

CVE-2023-31794

MuPDF v1.21.1 was discovered to contain an infinite recursion in the component pdfmarklistpush. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted PDF file...

CVE-2023-50251

php-svg-lib is an SVG file parsing / rendering library. Prior to version 0.5.1, when parsing the attributes passed to a use tag inside an svg document, an attacker can cause the system to go to an infinite recursion. Depending on the system configuration and attack pattern this could exhaust the...

CVE-2022-28201

An issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. Users with the editinterface permission can trigger infinite recursion, because a bare local interwiki is mishandled for the mainpage message...

CVE-2022-48545

An infinite recursion in Catalog::findDestInTree can cause denial of service for xpdf 4.02...

CVE-2022-47662

GPAC MP4Box 2.1-DEV-rev649-ga8f438d20 has a segment fault /stack overflow due to infinite recursion in MediaGetSample isomedia/media.c:662...

CVE-2019-13129

On the Motorola router CX2L MWR04L 1.01, there is a stack consumption infinite recursion issue in scopd via TCP port 8010 and UDP port 8080. It is caused by snprintf and inappropriate length handling...

CVE-2019-13103

A crafted self-referential DOS partition table will cause all Das U-Boot versions through 2019.07-rc4 to infinitely recurse, causing the stack to grow infinitely and eventually either crash or overwrite other data...

CVE-2018-20994

An issue was discovered in the trust-dns-proto crate before 0.5.0-alpha.3 for Rust. There is infinite recursion because DNS message compression is mishandled...

RockyLinux 8 : libX11 (RLSA-2024:2973)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:2973 advisory. libX11: out-of-bounds memory access in XkbReadKeySyms CVE-2023-43785 libX11: stack exhaustion from infinite recursion in PutSubImage CVE-2023-43786 libX1...

TensorFlow Serving 安全漏洞

TensorFlow Serving is a flexible, high-performance machine learning model serving system open-sourced by TensorFlow. A security vulnerability exists in TensorFlow Serving version 2.18.0 and earlier, which stems from improper stringing of JSON inputs and could lead to infinite recursion and server...

CLSA-2025-1745529850 libX11: Fix of CVE-2023-43786

CVE-2023-43786: fix stack exhaustion from infinite recursion in PutSubImage...

CVE-2023-52986

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Check for any of tcpbpfprots when cloning a listener A listening socket linked to a sockmap has its skprot overridden. It points to one of the struct proto variants in tcpbpfprots. The variant depends on the socket'...

CVE-2023-52986

CVE-2023-52986 is a Linux kernel issue affecting bpf, sockmap where a listening socket linked to a sockmap can have its sk_prot overridden to a variant in tcp_bpf_prots. The root cause is that cloning a child from a TCP listener checked only for the TCP_BPF_BASE proto variant, whereas the listene...

CVE-2024-12910

A vulnerability in the KnowledgeBaseWebReader class of the run-llama/llamaindex repository, version latest, allows an attacker to cause a Denial of Service DoS by controlling a URL variable to contain the root URL. This leads to infinite recursive calls to the getarticleurls method, exhausting...

PYSEC-2025-11

A vulnerability in the KnowledgeBaseWebReader class of the run-llama/llamaindex repository, version latest, allows an attacker to cause a Denial of Service DoS by controlling a URL variable to contain the root URL. This leads to infinite recursive calls to the getarticleurls method, exhausting...