58 matches found
Uncontrolled Recursion in vim/vim
...
PT-2022-20431 · Artifex +2 · Artifex Mujs +2
Name of the Vulnerable Software and Affected Versions: Artifex MuJS versions prior to 1.2.1 Description: The issue results in stack consumption due to unlimited recursion in the compile function in regexp.c. Recommendations: For versions prior to 1.2.1, update to version 1.2.1 or later to resolve...
DEBIAN-CVE-2022-1587
An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers...
CVE-2018-5738
Change #4777 (introduced in October 2017) introduced an unforeseen issue in releases which were issued after that date, affecting which clients are permitted to make recursive queries to a BIND nameserver. The intended and documented behavior is that if an operator has not specified a value for the...
openSUSE 15 Security Update : log4j (openSUSE-SU-2021:4118-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:4118-1 advisory. - Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3) did not protect from uncontrolled recursion from self-referential lookups. This...
SUSE: Security Advisory (SUSE-SU-2021:14800-1)
The remote host is missing an update for the...
OPENSUSE-SU-2021:1294-1 Security update for libcroco
This update for libcroco fixes the following issues: - CVE-2020-12825: Fixed recursion issue in block and any productions (bsc#1171685). This update was imported from the SUSE:SLE-15-SP2:Update update project...
Security update for libcroco (moderate)
openSUSE Security Update: Security update for libcroco Announcement ID: openSUSE-SU-2021:1294-1 Rating: moderate References: 1171685 Cross-References: CVE-2020-12825 CVSS scores: CVE-2020-12825 NVD : 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H CVE-2020-12825 SUSE: 2.8...
openSUSE: Security Advisory for libcroco (openSUSE-SU-2021:3123-1)
The remote host is missing an update for the...
OPENSUSE-SU-2021:3123-1 Security update for libcroco
This update for libcroco fixes the following issues: - CVE-2020-12825: Fixed recursion issue in block and any productions (bsc#1171685)...
SUSE-SU-2021:3123-1 Security update for libcroco
This update for libcroco fixes the following issues: - CVE-2020-12825: Fixed recursion issue in block and any productions (bsc#1171685)...
SUSE-SU-2021:14800-1 Security update for libcroco
This update for libcroco fixes the following issues: - CVE-2020-12825: Fixed recursion issue in block and any productions (bsc#1171685)...
CVE-2021-38380
Live555 through 1.08 mishandles huge requests for the same MP3 stream, leading to recursion and a stack-based buffer over-read. An attacker can leverage this to launch a DoS attack...
PT-2020-8876 · Re2C +3 · Re2C +3
Name of the Vulnerable Software and Affected Versions: re2c versions prior to 2.0 Description: The issue is related to uncontrolled recursion, which causes stack consumption in the find_fixed_tags function. This can lead to potential system instability. Recommendations: For versions prior to 2.0,...
DEBIAN-CVE-2014-4330
The Dumper method in Data::Dumper before 2.154, as used in Perl 5.20.1 and earlier, allows context-dependent attackers to cause a denial of service (stack consumption and crash) via an Array-Reference with many nested Array-References, which triggers a large number of recursive calls to the DD_dump...
CVE-2012-4530
The load_script function in fs/binfmt_script.c in the Linux kernel before 3.7.2 does not properly handle recursion, which allows local users to obtain sensitive information from kernel stack memory via a crafted application...
PT-2008-1091 · Xmlsoft +1 · Libxml2 +1
Name of the Vulnerable Software and Affected Versions: libxml2 versions 2.6.32 and earlier Description: The issue allows context-dependent attackers to cause a denial of service, consuming memory and CPU, via a crafted XML document. This is due to improper detection of recursion during entity...
CVE-2005-2302
PowerDNS before 2.9.18, when allowing recursion to a restricted range of IP addresses, does not properly handle questions from clients that are denied recursion, which could cause a "blank out" of answers to those clients that are allowed to use recursion...