Lucene search
+L

94 matches found

OSV
OSV
added 2022/10/02 5:15 a.m.6 views

UBUNTU-CVE-2022-42004

In FasterXML jackson-databind before 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer.deserializeFromArray to prevent use of deeply nested arrays. An application is vulnerable only with certain customized choices for deserialization...

7.5CVSS6.7AI score0.02706EPSS
Exploits1References6
Cvelist
Cvelist
added 2022/10/02 12:0 a.m.27 views

CVE-2022-42004

In FasterXML jackson-databind before 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer.deserializeFromArray to prevent use of deeply nested arrays. An application is vulnerable only with certain customized choices for deserialization...

7.7AI score0.02706EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2018/02/06 12:0 a.m.16 views

openSUSE Security Update : translate-toolkit (openSUSE-2018-130)

This update for translate-toolkit to 2.2.4 fixes several issues. This security issue was fixed : - Prevent inclusion of external ressources XXE boo1073535 These non-security issues were fixed : - Added support for nested and WebExtension JSON dialects. - po2txt no longer converts non-translatable...

5.4AI score
Exploits0References1
OSV
OSV
added 2014/09/30 4:55 p.m.3 views

DEBIAN-CVE-2014-4330

The Dumper method in Data::Dumper before 2.154, as used in Perl 5.20.1 and earlier, allows context-dependent attackers to cause a denial of service stack consumption and crash via an Array-Reference with many nested Array-References, which triggers a large number of recursive calls to the DDdump...

2.1CVSS6.7AI score0.00554EPSS
Exploits3References1
OSV
OSV
added 2014/09/30 12:0 a.m.4 views

UBUNTU-CVE-2014-4330

The Dumper method in Data::Dumper before 2.154, as used in Perl 5.20.1 and earlier, allows context-dependent attackers to cause a denial of service stack consumption and crash via an Array-Reference with many nested Array-References, which triggers a large number of recursive calls to the DDdump...

2.1CVSS7.1AI score0.00554EPSS
Exploits3References4
RedHat Linux
RedHat Linux
added 2007/04/20 11:36 a.m.6 views

security flaw

The Zend Engine in PHP 4.x before 4.4.7, and 5.x before 5.2.2, allows remote attackers to cause a denial of service stack exhaustion and PHP crash via deeply nested arrays, which trigger deep recursion in the variable destruction routines...

7.5CVSS7.2AI score0.18162EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2007/04/16 3:38 p.m.4 views

security flaw

The Zend Engine in PHP 4.x before 4.4.7, and 5.x before 5.2.2, allows remote attackers to cause a denial of service stack exhaustion and PHP crash via deeply nested arrays, which trigger deep recursion in the variable destruction routines...

7.5CVSS7.2AI score0.18162EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2007/04/16 3:27 p.m.8 views

security flaw

The Zend Engine in PHP 4.x before 4.4.7, and 5.x before 5.2.2, allows remote attackers to cause a denial of service stack exhaustion and PHP crash via deeply nested arrays, which trigger deep recursion in the variable destruction routines...

7.5CVSS7.2AI score0.18162EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2007/04/16 11:24 a.m.7 views

security flaw

The Zend Engine in PHP 4.x before 4.4.7, and 5.x before 5.2.2, allows remote attackers to cause a denial of service stack exhaustion and PHP crash via deeply nested arrays, which trigger deep recursion in the variable destruction routines...

7.5CVSS7.2AI score0.18162EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2007/03/14 2:1 a.m.10 views

security flaw

The Zend Engine in PHP 4.x before 4.4.7, and 5.x before 5.2.2, allows remote attackers to cause a denial of service stack exhaustion and PHP crash via deeply nested arrays, which trigger deep recursion in the variable destruction routines...

7.5CVSS7.2AI score0.18162EPSS
Exploits1References4
OSV
OSV
added 2007/03/07 9:19 p.m.1 views

DEBIAN-CVE-2007-1325

The PMAArrayWalkRecursive function in libraries/common.lib.php in phpMyAdmin before 2.10.0.2 does not limit recursion on arrays provided by users, which allows context-dependent attackers to cause a denial of service web server crash via an array with many dimensions. NOTE: it could be argued tha...

7.1CVSS6.8AI score0.01715EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2007/03/06 12:0 a.m.7 views

PT-2007-2700 · Php +1 · Php +1

Name of the Vulnerable Software and Affected Versions: PHP versions 4.x before 4.4.7 PHP versions 5.x before 5.2.2 Description: The issue allows remote attackers to cause a denial of service, resulting in stack exhaustion and a PHP crash. This is achieved by using deeply nested arrays, which...

10CVSS6.9AI score0.40435EPSS
Exploits12References66
seebug.org
seebug.org
added 2007/03/04 12:0 a.m.16 views

PHP ZendEngine变量释放远程拒绝服务漏洞

PHP是广泛使用的通用目的脚本语言,特别适合于Web开发,可嵌入到HTML中。 PHP没有对嵌套数组的深度强制任何过滤检查。由于变量注册是以迭代的方式执行的,因此PHP会接受任何深度,直到达到memorylimit。PHP数组的释放是以递归的方式执行的,因此在耗尽了栈极限的时候就会崩溃。 攻击者可以利用上述问题以可控的方式导致PHP崩溃。假设以下PHP代码: if !checkUserPWD$user, $pass $errmsg = "There is problem ..."; displayError$errmsg; notifyAdminOfCrackAttempt; else ...

7.1AI score
Exploits0
NVD
NVD
added 2004/12/31 5:0 a.m.14 views

CVE-2004-1198

Microsoft Internet Explorer allows remote attackers to cause a denial of service application crash from memory consumption, as demonstrated using Javascript code that continuously creates nested arrays and then sorts the newly created arrays...

5CVSS6.8AI score0.01697EPSS
Exploits1References4
Rows per page
Query Builder