73 matches found
Security update for protobuf
This update for protobuf fixes the following issues: CVE-2024-2410: Use after free when parsing JSON from a stream bsc1223947. CVE-2024-7254: StackOverflow vulnerability in Protocol Buffers bsc1230778. CVE-2025-4565: Parsing of untrusted Protocol Buffers data containing an arbitrary number of...
BIT-LIBPYTHON-2023-36632
The legacy email.utils.parseaddr function in Python through 3.11.4 allows attackers to trigger "RecursionError: maximum recursion depth exceeded while calling a Python object" via a crafted argument. This argument is plausibly an untrusted value from an application's input data that was supposed ...
SUSE-SU-2025:20514-1 Security update for protobuf
This update for protobuf fixes the following issues: - CVE-2025-4565: Fixed a crash due to RecursionError bsc1244663...
Security update for protobuf
This update for protobuf fixes the following issues: CVE-2025-4565: Fixed a crash due to RecursionError bsc1244663 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed f...
Security update for protobuf
This update for protobuf fixes the following issues: CVE-2025-4565: Fix parsing of untrusted Protocol Buffers data containing an arbitrary number of recursive groups or messages that can lead to crash due to RecursionError bsc1244663. Patch Instructions: To install this SUSE update use the SUSE...
Security update for protobuf
This update for protobuf fixes the following issues: CVE-2025-4565: Fix parsing of untrusted Protocol Buffers data containing an arbitrary number of recursive groups or messages that can lead to crash due to RecursionError bsc1244663. Patch Instructions: To install this SUSE update use the SUSE...
SUSE-SU-2025:02309-1 Security update for protobuf
This update for protobuf fixes the following issues: - CVE-2025-4565: Fix parsing of untrusted Protocol Buffers data containing an arbitrary number of recursive groups or messages that can lead to crash due to RecursionError bsc1244663...
sqlparse: parsing heavily nested list leads to denial of service
A flaw was found in sqlparse. This issue occurs in a heavily nested list in sqlparse.parse, where a recursion error may be triggered, which can lead to a denial of service...
SUSE CVE-2025-4565
Any project that uses Protobuf Pure-Python backend to parse untrusted Protocol Buffers data containing an arbitrary number of recursive groups, recursive messages or a series of SGROUP tags can be corrupted by exceeding the Python recursion limit. This can result in a Denial of service by crashin...
AZL-64145 CVE-2025-4565 affecting package protobuf for versions less than 25.3-5
Any project that uses Protobuf Pure-Python backend to parse untrusted Protocol Buffers data containing an arbitrary number of recursive groups, recursive messages or a series of SGROUP tags can be corrupted by exceeding the Python recursion limit. This can result in a Denial of service by crashin...
AZL-64116 CVE-2025-4565 affecting package protobuf for versions less than 3.17.3-4
Any project that uses Protobuf Pure-Python backend to parse untrusted Protocol Buffers data containing an arbitrary number of recursive groups, recursive messages or a series of SGROUP tags can be corrupted by exceeding the Python recursion limit. This can result in a Denial of service by crashin...
sqlparse: parsing heavily nested list leads to denial of service
A flaw was found in sqlparse. This issue occurs in a heavily nested list in sqlparse.parse, where a recursion error may be triggered, which can lead to a denial of service...
BIT-PYTHON-MIN-2023-36632
The legacy email.utils.parseaddr function in Python through 3.11.4 allows attackers to trigger "RecursionError: maximum recursion depth exceeded while calling a Python object" via a crafted argument. This argument is plausibly an untrusted value from an application's input data that was supposed ...
sqlparse: parsing heavily nested list leads to denial of service
A flaw was found in sqlparse. This issue occurs in a heavily nested list in sqlparse.parse, where a recursion error may be triggered, which can lead to a denial of service...
sqlparse: parsing heavily nested list leads to denial of service
A flaw was found in sqlparse. This issue occurs in a heavily nested list in sqlparse.parse, where a recursion error may be triggered, which can lead to a denial of service...
sqlparse: parsing heavily nested list leads to denial of service
A flaw was found in sqlparse. This issue occurs in a heavily nested list in sqlparse.parse, where a recursion error may be triggered, which can lead to a denial of service...
SUSE CVE-2024-4340
Passing a heavily nested list to sqlparse.parse leads to a Denial of Service due to RecursionError...
GHSA-62QF-JCQ8-8GXW Duplicate Advisory: sqlparse parsing heavily nested list leads to Denial of Service
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-2m57-hf25-phgg. This link is maintained to preserve external references. Original Description Passing a heavily nested list to sqlparse.parse leads to a Denial of Service due to RecursionError...
DEBIAN-CVE-2024-4340
Passing a heavily nested list to sqlparse.parse leads to a Denial of Service due to RecursionError...
GHSA-P72Q-H37J-3HQ7 dbt uses a SQLparse version with a high vulnerability
Summary Using a version of sqlparse that has a security vulnerability and no way to update in current version of dbt core. Snyk recommends using sqlparse==0.5 but this causes a conflict with dbt. Snyk states the issues is a recursion error: SNYK-PYTHON-SQLPARSE-6615674. Details Dependency conflic...