EulerOS 2.0 SP10 : protobuf (EulerOS-SA-2025-2109)
According to the versions of the protobuf packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Any project that uses Protobuf Pure-Python backend to parse untrusted Protocol Buffers data containing an arbitrary number of recursive groups,...
Linux Distros Unpatched Vulnerability : CVE-2017-15377
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Suricata before 4.x, it was possible to trigger lots of redundant checks on the content of crafted network traffic with a certain signature, because of...
OESA-2025-1971 apache-commons-lang security update
The standard Java libraries fail to provide enough methods for manipulation of its core classes. Apache Commons Lang provides these extra methods. Security Fixes: A vulnerability classified as problematic has been found in Apache Commons Lang up to 2.6/3.17.x. CWE is classifying the issue as...
Linux Distros Unpatched Vulnerability : CVE-2025-4565
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Any project that uses Protobuf Pure-Python backend to parse untrusted Protocol Buffers data containing an arbitrary number of recursive groups, recursive messag...
MaterialX Stack Overflow via Lack of MTLX XML Parsing Recursion Limit
Summary: When parsing an MTLX file with multiple nested nodegraph implementations, the MaterialX XML parsing logic can potentially crash due to stack exhaustion. Details: By specification, multiple kinds of elements in MTLX support nesting other elements, such as in the case of nodegraph elements...
GHSA-WX6G-FM6F-W822 MaterialX Stack Overflow via Lack of MTLX XML Parsing Recursion Limit
Summary: When parsing an MTLX file with multiple nested nodegraph implementations, the MaterialX XML parsing logic can potentially crash due to stack exhaustion. Details: By specification, multiple kinds of elements in MTLX support nesting other elements, such as in the case of nodegraph elements...
CLSA-2025-1753801232 redis: Fix of CVE-2024-31228
CVE-2024-31228: fix unbounded recursion on supported commands by limiting pattern matching length...
OESA-2025-1800 protobuf security update
Security Fixes: Any project that uses Protobuf Pure-Python backend to parse untrusted Protocol Buffers data containing an arbitrary number of recursive groups, recursive messages or a series of SGROUP tags can be corrupted by exceeding the Python recursion limit. This can result in a Denial of...
OESA-2025-1798 protobuf security update
Security Fixes: Any project that uses Protobuf Pure-Python backend to parse untrusted Protocol Buffers data containing an arbitrary number of recursive groups, recursive messages or a series of SGROUP tags can be corrupted by exceeding the Python recursion limit. This can result in a Denial of...
CVE-2025-4565
A flaw was found in the python protobuf package which can result in a denial of service. Applications that parse untrusted Protocol Buffers data containing an arbitrary number of recursive groups, recursive messages, or a series of SGROUP tags can be corrupted by exceeding the Python recursion...
protobuf-python has a potential Denial of Service issue
Summary: Any project that uses Protobuf pure-Python backend to parse untrusted Protocol Buffers data containing an arbitrary number of recursive groups, recursive messages or a series of SGROUP tags can be corrupted by exceeding the Python recursion limit. Reporter: Alexis Challande, Trail of Bits...
CVE-2025-4565
Any project that uses Protobuf Pure-Python backend to parse untrusted Protocol Buffers data containing an arbitrary number of recursive groups, recursive messages or a series of SGROUP tags can be corrupted by exceeding the Python recursion limit. This can result in a Denial of service by crashin...
CVE-2025-4565
Any project that uses Protobuf Pure-Python backend to parse untrusted Protocol Buffers data containing an arbitrary number of recursive groups, recursive messages or a series of SGROUP tags can be corrupted by exceeding the Python recursion limit. This can result in a Denial of service by crashin...
CVE-2025-4565 Unbounded recursion in Python Protobuf
Any project that uses Protobuf Pure-Python backend to parse untrusted Protocol Buffers data containing an arbitrary number of recursive groups, recursive messages or a series of SGROUP tags can be corrupted by exceeding the Python recursion limit. This can result in a Denial of service by crashin...
Protobuf Pure-Python Security Vulnerability
Protobuf Pure-Python is a Google data exchange format open-sourced by Protobuf. A security vulnerability exists in Protobuf Pure-Python that stems from exceeding the Python recursion limit when parsing recursive data, which could lead to a denial of service attack...
CVE-2020-9243
HUAWEI Mate 30 with versions earlier than 10.1.0.150C00E136R5P3 has a denial of service vulnerability. The system does not properly limit the depth of recursion; an attacker must trick the user into installing and executing a malicious application. Successful exploit could cause a denial of service...
Stack Based Buffer Overflow
MaterialX is vulnerable to stack-based buffer overflow. The vulnerability is due to the lack of a limit on nested file import recursion, which allows an attacker to craft deeply chained MaterialX file imports leading to a crash of the process...
CVE-2025-1752 Denial of Service in run-llama/llama_index
A Denial of Service (DoS) vulnerability has been identified in the KnowledgeBaseWebReader class of the run-llama/llama_index project, affecting version latestv0.12.15. The vulnerability arises due to inappropriate secure coding measures, specifically the lack of proper implementation of the maxdepth...
CVE-2025-29918
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. A PCRE rule can be written that leads to an infinite loop when negated PCRE is used. Packet processing thread becomes stuck in infinite loop limiting visibility and availability i...
GHSA-5XQW-8HWV-WG92 Helm Allows A Specially Crafted JSON Schema To Cause A Stack Overflow
A Helm contributor discovered that a specially crafted JSON Schema within a chart can lead to a stack overflow. Impact: A JSON Schema file within a chart can be crafted with a deeply nested chain of references, leading to parser recursion that can exceed the stack size limit and trigger a stack...