CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2025/08/15 12:56 p.m.•3 views

SUSE-SU-2025:02818-1 Security update for apache-commons-lang3

This update for apache-commons-lang3 fixes the following issues: - Update to version 3.18.0 - CVE-2025-48924: Fixed an uncontrolled recursion vulnerability that may lead to a DoS. bsc1246397...

5.3CVSS6.8AI score0.02164EPSS

Exploits0References3

OSV•added 2025/08/15 12:40 p.m.•4 views

OESA-2025-2032 apache-commons-lang security update

The standard Java libraries fail to provide enough methods for manipulation of its core classes. Apache Commons Lang provides these extra methods. Security Fixes: A vulnerability classified as problematic has been found in Apache Commons Lang up to 2.6/3.17.x.CWE is classifying the issue as...

OSV•added 2025/08/15 12:40 p.m.•4 views

OESA-2025-2030 apache-commons-lang security update

OSV•added 2025/08/15 12:40 p.m.•5 views

OESA-2025-2031 apache-commons-lang security update

SUSE Linux•added 2025/08/13 11:51 a.m.•5 views

Security update for apache-commons-lang3

This update for apache-commons-lang3 fixes the following issues: CVE-2025-48924: Fixed an uncontrolled recursion vulnerability that may lead to a DoS. bsc1246397 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

5.7CVSS6.6AI score0.02164EPSS

OSV•added 2025/08/13 11:50 a.m.•2 views

SUSE-SU-2025:02785-1 Security update for apache-commons-lang3

This update for apache-commons-lang3 fixes the following issues: - CVE-2025-48924: Fixed an uncontrolled recursion vulnerability that may lead to a DoS. bsc1246397...

5.3CVSS7.1AI score0.02164EPSS

Exploits0References3

NVD•added 2025/08/08 5:15 p.m.•6 views

CVE-2025-8732

A vulnerability was found in libxml2 up to 2.14.5. It has been declared as problematic. This vulnerability affects the function xmlParseSGMLCatalog of the component xmlcatalog. The manipulation leads to uncontrolled recursion. Attacking locally is a requirement. The exploit has been disclosed to...

4.8CVSS0.00135EPSS

Exploits0References7

OSV•added 2025/08/08 11:16 a.m.•4 views

OESA-2025-1972 apache-commons-lang security update

Snyk•added 2025/08/06 1:42 p.m.•1 views

Uncontrolled Recursion

Overview nvidia-pytriton is a PyTriton - Flask/FastAPI-like interface to simplify Triton's deployment in Python environments. Affected versions of this package are vulnerable to Uncontrolled Recursion via the ReadDataFromJsonHelper and JsonBytesArrayByteSize functions. An attacker can cause a...

8.7CVSS6.7AI score0.00439EPSS

Cvelist•added 2025/08/06 12:40 p.m.•5 views

CVE-2025-23325

NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause uncontrolled recursion through a specially crafted input. A successful exploit of this vulnerability might lead to denial of service...

7.5CVSS0.00439EPSS

Exploits0References3

RedHat Linux•added 2025/08/01 5:42 p.m.•6 views

commons-lang/commons-lang: org.apache.commons/commons-lang3: Uncontrolled Recursion vulnerability in Apache Commons Lang

An uncontrolled recursion flaw was found in the Apache Commons Lang library. The ClassUtils.getClass... method can throw a StackOverflowError on very long inputs. Since this error is typically not handled by applications and libraries, a StackOverflowError may lead to the termination of an...

5.3CVSS7.1AI score0.02164EPSS

Exploits0References5

OSV•added 2025/08/01 1:2 p.m.•4 views

OESA-2025-1929 apache-commons-lang3 security update

The standard Java libraries fail to provide enough methods for manipulation of its core classes. The Commons Lang Component provides these extra methods. Lang provides a host of helper utilities for the java.lang API, notably String manipulation methods, basic numerical methods, object reflection...

5.3CVSS6.2AI score0.02164EPSS

IBM Security Bulletins•added 2025/07/29 4:21 p.m.•6 views

Security Bulletin: IBM Sterling Connect:Direct Web Services uses commons-lang3 and is vulnerable to CVE-2025-48924

Summary IBM Sterling Connect:Direct Web Services is vulnerable to uncontrolled recursion vulnerability in Apache Commons Lang. This has been addressed in new build available from IBM Repository. Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache...

5.3CVSS6.7AI score0.02164EPSS

Exploits0Affected Software1

Tenable Nessus•added 2025/07/16 12:0 a.m.•2 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : protobuf (SUSE-SU-2025:02311-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:02311-1 advisory. - CVE-2025-4565: Fix parsing of untrusted Protocol Buffers data containing an arbitrary number of...

8.2CVSS6.9AI score0.00281EPSS

OSV•added 2025/07/11 3:15 p.m.•4 views

UBUNTU-CVE-2025-48924

Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with commons-lang:commons-lang 2.0 to 2.6, and, from org.apache.commons:commons-lang3 3.0 before 3.18.0. The methods ClassUtils.getClass... can throw StackOverflowError on very long input...

5.3CVSS6.7AI score0.02164EPSS

OSV•added 2025/07/05 1:15 a.m.•4 views

AZL-65577 CVE-2025-53605 affecting package kata-containers-cc 3.2.0.azl2-8

The protobuf crate before 3.7.2 for Rust allows uncontrolled recursion in the protobuf::codedinputstream::CodedInputStream::skipgroup parsing of unknown fields in untrusted input...

5.9CVSS5.7AI score0.0038EPSS

Exploits0References1

OSV•added 2024/11/27 6:20 p.m.•4 views

CVE-2023-29001 Uncontrolled recursion due to insufficient validation of the IPv6 source routing header in Contiki-NG

Contiki-NG is an open-source, cross-platform operating system for IoT devices. The Contiki-NG operating system processes source routing headers SRH in its two alternative RPL protocol implementations. The IPv6 implementation uses the results of this processing to determine whether an incoming...

8.7CVSS6.7AI score0.00538EPSS