42 matches found
Astra Linux - уязвимость в golang-1.19
Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion...
GHSA-F4QM-VJ5J-9XPW ImageMagick has a Stack Overflow via Recursive FX Expression Parsing
A stack overflow vulnerability in ImageMagick's FX expression parser allows an attacker to crash the process by providing a deeply nested expression...
Uncontrolled Recursion
Overview Magick.NET-Q16-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
EUVD-2026-22106
ImageMagick has a Stack Overflow via Recursive FX Expression Parsing...
Uncontrolled Recursion
Overview Magick.NET-Q16-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
ImageMagick has a Stack Overflow via Recursive FX Expression Parsing
A stack overflow vulnerability in ImageMagick's FX expression parser allows an attacker to crash the process by providing a deeply nested expression...
CVE-2026-33902
A flaw was found in ImageMagick, a software used for editing and manipulating digital images. An attacker can exploit this vulnerability by providing a deeply nested expression to ImageMagick's FX expression parser. This can lead to a stack overflow, causing the process to crash and resulting in ...
DEBIAN-CVE-2026-33902
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, a stack overflow vulnerability in ImageMagick's FX expression parser allows an attacker to crash the process by providing a deeply nested expression. This...
CVE-2026-33902
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, a stack overflow vulnerability in ImageMagick's FX expression parser allows an attacker to crash the process by providing a deeply nested expression. This...
CVE-2026-33902
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, a stack overflow vulnerability in ImageMagick's FX expression parser allows an attacker to crash the process by providing a deeply nested expression. This...
CVE-2026-33902 ImageMagick: Stack Overflow via Recursive FX Expression Parsing
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, a stack overflow vulnerability in ImageMagick's FX expression parser allows an attacker to crash the process by providing a deeply nested expression. This...
CVE-2026-33902
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, a stack overflow vulnerability in ImageMagick's FX expression parser allows an attacker to crash the process by providing a deeply nested expression. This...
ImageMagick 安全漏洞
ImageMagick is a set of open-source image processing software developed by the ImageMagick project. It can read, convert, and write images in various formats. Versions of ImageMagick prior to 7.1.2-19 and 6.9.13-44 contained security vulnerabilities. These vulnerabilities were due to a stack...
CVE-2026-34211 SandboxJS: Stack overflow DoS via deeply nested expressions in recursive descent parser
SandboxJS is a JavaScript sandboxing library. Prior to 0.8.36, the @nyariv/sandboxjs parser contains unbounded recursion in the restOfExp function and the lispify/lispifyExpr call chain. An attacker can crash any Node.js process that parses untrusted input by supplying deeply nested expressions...
CVE-2026-34211
The CVE-2026-34211 entry describes an unbounded recursive vulnerability in @nyariv/sandboxjs (restOfExp and lispify/lispifyExpr) that can crash Node.js processes via deeply nested expressions. Connected sources (Rh/CVE-2026-34211, NVD, GHSA advisory) confirm the root cause is uncontrolled recursi...
GHSA-8PFC-JJGW-6G26 SandboxJS: Stack overflow DoS via deeply nested expressions in recursive descent parser
Summary The @nyariv/sandboxjs parser contains unbounded recursion in the restOfExp function and the lispify/lispifyExpr call chain. An attacker can crash any Node.js process that parses untrusted input by supplying deeply nested expressions e.g., 2000 nested parentheses, causing a RangeError:...
SandboxJS: Stack overflow DoS via deeply nested expressions in recursive descent parser
Summary The @nyariv/sandboxjs parser contains unbounded recursion in the restOfExp function and the lispify/lispifyExpr call chain. An attacker can crash any Node.js process that parses untrusted input by supplying deeply nested expressions e.g., 2000 nested parentheses, causing a RangeError:...
Linux Distros Unpatched Vulnerability : CVE-2026-1849
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - MongoDB Server may experience an out-of-memory failure while evaluating expressions that produce deeply nested documents. The issue arises in recursive function...
CVE-2026-1849
MongoDB Server may experience an out-of-memory failure while evaluating expressions that produce deeply nested documents. The issue arises in recursive functions because the server does not periodically check the depth of the expression...
CVE-2026-1849
MongoDB Server may experience an out-of-memory failure while evaluating expressions that produce deeply nested documents. The issue arises in recursive functions because the server does not periodically check the depth of the expression...