Oracle MySQL Connectors CVE-2024-7254 (April 2025 CPU)

The 9.0.0 and 9.2.0 versions of MySQL Connectors installed on the remote host is affected by CVE-2024-7254 as referenced in the April 2025 CPU advisory. - Any project that parses untrusted Protocol Buffers data containing an arbitrary number of nested groups / series of SGROUP tags can corrupted ...

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data v5.0.3 is vulnerable to multiple Base OS issues

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data v5.0.3 is vulnerable to multiple Base OS issues. We have updated the base image used by our Speech Services and the following vulnerabilities have been addressed. Please read the details for remediation below. Vulnerability...

Security update for expat

This update for expat fixes the following issues: CVE-2024-8176: Fixed denial of service from chaining a large number of entities caused by stack overflow by resolving use of recursion bsc1239618 Other fixes: - version update to 2.7.1 jscPED-12500 Bug fixes: 980 989 Restore event pointer behavior...

SUSE CVE-2025-32387

Helm is a package manager for Charts for Kubernetes. A JSON Schema file within a chart can be crafted with a deeply nested chain of references, leading to parser recursion that can exceed the stack size limit and trigger a stack overflow. This issue has been resolved in Helm v3.17.3...

CVE-2025-29918

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. A PCRE rule can be written that leads to an infinite loop when negated PCRE is used. Packet processing thread becomes stuck in infinite loop limiting visibility and availability i...

CVE-2024-52981

An issue was discovered in Elasticsearch, where a large recursion using the Well-KnownText formatted string with nested GeometryCollection objects could cause a stackoverflow...

CVE-2024-52980

A flaw was discovered in Elasticsearch, where a large recursion using the innerForbidCircularReferences function of the PatternBank class could cause the Elasticsearch node to crash. A successful attack requires a malicious user to have readpipeline Elasticsearch cluster privilege assigned to the...

GHSA-5XQW-8HWV-WG92 Helm Allows A Specially Crafted JSON Schema To Cause A Stack Overflow

A Helm contributor discovered that a specially crafted JSON Schema within a chart can lead to a stack overflow. Impact A JSON Schema file within a chart can be crafted with a deeply nested chain of references, leading to parser recursion that can exceed the stack size limit and trigger a stack...

BIT-ELASTICSEARCH-2024-52981

An issue was discovered in Elasticsearch, where a large recursion using the Well-KnownText formatted string with nested GeometryCollection objects could cause a stackoverflow...

BIT-ELASTICSEARCH-2024-52980 Elasticsearch Uncontrolled Resource Consumption vulnerability

A flaw was discovered in Elasticsearch, where a large recursion using the innerForbidCircularReferences function of the PatternBank class could cause the Elasticsearch node to crash. A successful attack requires a malicious user to have readpipeline Elasticsearch cluster privilege assigned to the...

Uncontrolled Recursion

Overview Affected versions of this package are vulnerable to Uncontrolled Recursion in the LoadArchiveFiles function in archive.go. An attacker can cause a stack overflow by submitting a JSON Schema with excessive nested references. Workaround This vulnerability can be mitigated by ensuring that...

Uncontrolled Recursion

Overview Affected versions of this package are vulnerable to Uncontrolled Recursion in the LoadArchiveFiles function in archive.go. An attacker can cause a stack overflow by submitting a JSON Schema with excessive nested references. Workaround This vulnerability can be mitigated by ensuring that...

Uncontrolled Recursion

Overview Affected versions of this package are vulnerable to Uncontrolled Recursion in the LoadArchiveFiles function in archive.go. An attacker can cause a stack overflow by submitting a JSON Schema with excessive nested references. Workaround This vulnerability can be mitigated by ensuring that...

CVE-2025-32387 Helm Allows A Specially Crafted JSON Schema To Cause A Stack Overflow

Helm is a package manager for Charts for Kubernetes. A JSON Schema file within a chart can be crafted with a deeply nested chain of references, leading to parser recursion that can exceed the stack size limit and trigger a stack overflow. This issue has been resolved in Helm v3.17.3...

Uncontrolled Recursion

Overview Affected versions of this package are vulnerable to Uncontrolled Recursion in the LoadArchiveFiles function in archive.go. An attacker can cause a stack overflow by submitting a JSON Schema with excessive nested references. Workaround This vulnerability can be mitigated by ensuring that...

Uncontrolled Recursion

Overview Affected versions of this package are vulnerable to Uncontrolled Recursion in the LoadArchiveFiles function in archive.go. An attacker can cause a stack overflow by submitting a JSON Schema with excessive nested references. Workaround This vulnerability can be mitigated by ensuring that...

PT-2025-15873

Name of the Vulnerable Software and Affected Versions: Helm versions prior to 3.17.3 Description: A JSON Schema file within a chart can be crafted with a deeply nested chain of references, leading to parser recursion that can exceed the stack size limit and trigger a stack overflow. This issue wa...

GHSA-5XM9-X7X4-4J5X Elasticsearch Vulnerable to Stack Overflow due to a Large Recursion

An issue was discovered in Elasticsearch, where a large recursion using the Well-KnownText formatted string with nested GeometryCollection objects could cause a stackoverflow...

Elasticsearch Vulnerable to Stack Overflow due to a Large Recursion

An issue was discovered in Elasticsearch, where a large recursion using the Well-KnownText formatted string with nested GeometryCollection objects could cause a stackoverflow...

Elasticsearch Potential Node Crash due to Large Recursion in `innerForbidCircularReferences` Function

A flaw was discovered in Elasticsearch, where a large recursion using the innerForbidCircularReferences function of the PatternBank class could cause the Elasticsearch node to crash. A successful attack requires a malicious user to have readpipeline Elasticsearch cluster privilege assigned to the...