
11089 matches found

Snyk
added 2026/05/13 3:29 p.m., 4 views

Infinite loop

Overview Affected versions of this package are vulnerable to Infinite loop through insufficient validation and missing safety mechanisms during symlink resolution. An attacker can cause infinite loops and resource exhaustion by providing crafted or malformed input that triggers uncontrolled...

CVSS 7.5, AI score 5.8, EPSS 0.00295
Exploits: 0, References: 3

Snyk
added 2026/05/13 3:29 p.m., 6 views

Infinite loop

Overview Affected versions of this package are vulnerable to Infinite loop through insufficient validation and missing safety mechanisms during symlink resolution. An attacker can cause infinite loops and resource exhaustion by providing crafted or malformed input that triggers uncontrolled...

CVSS 7.5, AI score 5.8, EPSS 0.00295
Exploits: 0, References: 3

Snyk
added 2026/05/13 3:29 p.m., 6 views

Infinite loop

Overview Affected versions of this package are vulnerable to Infinite loop through insufficient validation and missing safety mechanisms during symlink resolution. An attacker can cause infinite loops and resource exhaustion by providing crafted or malformed input that triggers uncontrolled...

CVSS 7.5, AI score 5.8, EPSS 0.00295
Exploits: 0, References: 3

Snyk
added 2026/05/13 3:29 p.m., 5 views

Infinite loop

Overview Affected versions of this package are vulnerable to Infinite loop through insufficient validation and missing safety mechanisms during symlink resolution. An attacker can cause infinite loops and resource exhaustion by providing crafted or malformed input that triggers uncontrolled...

CVSS 7.5, AI score 5.8, EPSS 0.00295
Exploits: 0, References: 3

SUSE Linux
added 2026/05/13 3:23 p.m., 8 views

Security update for python-Pillow

This update for python-Pillow fixes the following issue CVE-2026-42310: infinite loop and resource exhaustion when processing specially crafted PDFs bsc1265154. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

CVSS 7.5, AI score 5.8, EPSS 0.00126
Exploits: 0, References: 4

OSV
added 2026/05/13 3:23 p.m., 1 view

SUSE-SU-2026:1842-1 Security update for python-Pillow

This update for python-Pillow fixes the following issue - CVE-2026-42310: infinite loop and resource exhaustion when processing specially crafted PDFs bsc1265154...

CVSS 5.5, AI score 5.8, EPSS 0.00126
Exploits: 0, References: 3

NVD
added 2026/05/13 2:17 p.m., 4 views

CVE-2026-39806

Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in mtrudel bandit allows unauthenticated remote denial of service via worker process exhaustion. 'Elixir.Bandit.HTTP1.Socket':doreadchunkeddata!/5 in lib/bandit/http1/socket.ex terminates only when the last-chunk line 0\r\n is...

CVSS 8.7, EPSS 0.00637
Exploits: 1, References: 4

ATTACKERKB
added 2026/05/13 1:36 p.m., 3 views

CVE-2026-39806

Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in mtrudel bandit allows unauthenticated remote denial of service via worker process exhaustion. 'Elixir.Bandit.HTTP1.Socket':doreadchunkeddata!/5 in lib/bandit/http1/socket.ex terminates only when the last-chunk line 0\r\n is...

CVSS 8.7, AI score 5.8, EPSS 0.00637
Exploits: 1, References: 5, Affected Software: 1

IBM Security Bulletins
added 2026/05/13 10:58 a.m., 8 views

Security Bulletin: Vulnerability in pypdf bundled with IBM Fusion, IBM Fusion HCI and Content-Aware Storage

Summary IBM Fusion, IBM Fusion HCI and Content-Aware Storage include pypdf which could cause infinite loop vulnerability. CVE-2026-24688. Vulnerability Details CVEID:CVE-2026-24688 DESCRIPTION: pypdf is a free and open-source pure-python PDF library. An attacker who uses an infinite loop...

CVSS 5.1, AI score 5.7, EPSS 0.00374
Exploits: 2, Affected Software: 2

OSV
added 2026/05/13 8:44 a.m., 6 views

CLSA-2026-1778661840 skopeo: Fix of CVE-2024-24786

CVE-2024-24786: fix infinite loop in vendored google.golang.org/protobuf protojson.Unmarshal on malformed JSON by handling EOF in skipJSONValue and rejecting ObjectClose after a Name token in Decoder.Read...

CVSS 7.5, AI score 6.9, EPSS 0.01262
Exploits: 0, References: 1

Positive Technologies
added 2026/05/13 12:0 a.m., 6 views

PT-2026-40608

Name of the Vulnerable Software and Affected Versions bandit versions 1.6.1 through 1.11.0 Description An infinite loop in the do read chunked data!/5 function within lib/bandit/http1/socket.ex allows unauthenticated remote attackers to cause a denial of service via worker process exhaustion. The...

CVSS 8.7, AI score 5.8, EPSS 0.00637
Exploits: 1, References: 9

CNNVD
added 2026/05/13 12:0 a.m., 6 views

Bandit security vulnerability

Bandit is a high-performance HTTP and WebSocket server developed by Mat Trudel. Versions of Bandit from 1.6.1 to 1.11.1 contained security vulnerabilities. These vulnerabilities were caused by infinite loops, which could allow unauthenticated remote attackers to exploit the system through...

CVSS 8.7, AI score 5.8, EPSS 0.00637
Exploits: 1, References: 2

NVD
added 2026/05/12 10:16 p.m., 12 views

CVE-2026-44302

Snappier is a high performance C# implementation of the Snappy compression algorithm. Prior to 1.3.1, Snappier.SnappyStream enters an uncatchable infinite loop when decompressing a malformed framed-format Snappy stream as small as 15 bytes. This vulnerability is fixed in 1.3.1...

CVSS 7.5, EPSS 0.00263
Exploits: 0, References: 1

CVE
added 2026/05/12 9:33 p.m., 29 views

CVE-2026-44302

CVE-2026-44302 affects Snappier, a C# implementation of Snappy. The vulnerability lies in SnappyStream decompression: when processing malformed framed-format input (as small as 15 bytes), SnappyStream enters an uncatchable infinite loop inside SnappyStreamDecompressor.Decompress, causing a busy-w...

CVSS 7.5, AI score 5.8, EPSS 0.00263
Exploits: 0, References: 1

ATTACKERKB
added 2026/05/12 9:33 p.m., 4 views

CVE-2026-44302

Snappier is a high performance C# implementation of the Snappy compression algorithm. Prior to 1.3.1, Snappier.SnappyStream enters an uncatchable infinite loop when decompressing a malformed framed-format Snappy stream as small as 15 bytes. This vulnerability is fixed in 1.3.1...

CVSS 7.5, AI score 5.8, EPSS 0.00263
Exploits: 0, References: 2, Affected Software: 1

Vulnrichment
added 2026/05/12 9:33 p.m., 14 views

CVE-2026-44302 Snappier: Infinite loop in SnappyStream decompression on malformed framed input

Snappier is a high performance C# implementation of the Snappy compression algorithm. Prior to 1.3.1, Snappier.SnappyStream enters an uncatchable infinite loop when decompressing a malformed framed-format Snappy stream as small as 15 bytes. This vulnerability is fixed in 1.3.1...

CVSS 7.5, AI score 5.8, EPSS 0.00263
Exploits: 0, References: 1

Cvelist
added 2026/05/12 9:33 p.m., 32 views

CVE-2026-44302 Snappier: Infinite loop in SnappyStream decompression on malformed framed input

Snappier is a high performance C# implementation of the Snappy compression algorithm. Prior to 1.3.1, Snappier.SnappyStream enters an uncatchable infinite loop when decompressing a malformed framed-format Snappy stream as small as 15 bytes. This vulnerability is fixed in 1.3.1...

CVSS 7.5, EPSS 0.00263
Exploits: 0, References: 1

NVD
added 2026/05/12 6:17 p.m., 19 views

CVE-2026-42899

Loop with unreachable exit condition 'infinite loop' in ASP.NET Core allows an unauthorized attacker to deny service over a network...

CVSS 7.5, EPSS 0.01177
Exploits: 0, References: 1

RedhatCVE
added 2026/05/12 5:4 p.m., 5 views

CVE-2026-4890

A denial of service vulnerability was discovered in dnsmasq's DNSSEC validation. When parsing NSEC and NSEC3 bitmap records, the window iteration logic fails to account for the 2-byte window header when advancing through the bitmap data. A specially crafted DNS response with a zero-length bitmap...

CVSS 7.5, AI score 5.8, EPSS 0.00987
Exploits: 0, References: 4

ATTACKERKB
added 2026/05/12 4:59 p.m., 7 views

CVE-2026-42899

Loop with unreachable exit condition 'infinite loop' in ASP.NET Core allows an unauthorized attacker to deny service over a network...

CVSS 7.5, AI score 5.8, EPSS 0.01177
Exploits: 0, References: 2, Affected Software: 3