5279 matches found
CVE-2024-58103
Square Wire before 5.2.0 does not enforce a recursion limit on nested groups in ByteArrayProtoReader32.kt and ProtoReader.kt...
GHSA-PWF9-Q62P-V7WC Wire has Uncontrolled Recursion on Nested Groups
Square Wire before 5.2.0 does not enforce a recursion limit on nested groups in ByteArrayProtoReader32.kt and ProtoReader.kt...
Wire has Uncontrolled Recursion on Nested Groups
Square Wire before 5.2.0 does not enforce a recursion limit on nested groups in ByteArrayProtoReader32.kt and ProtoReader.kt...
Uncontrolled Recursion
Overview: Affected versions of this package are vulnerable to Uncontrolled Recursion due to improper enforcement of recursion limits in ByteArrayProtoReader32.kt and ProtoReader.kt. An attacker can cause a denial of service by sending deeply nested group structures. Remediation: Upgrade...
CVE-2024-58103
CVE-2024-58103 affects Square Wire prior to 5.2.0, where ByteArrayProtoReader32.kt and ProtoReader.kt do not enforce a recursion limit on nested groups. Root cause: lack of recursion depth limit in the reader implementation, enabling deeply nested structures that can lead to resource exhaustion. ...
Square Wire Security Vulnerability
Square Wire is an open source protocol buffer library from Square (United States), mainly used for efficient data serialization and deserialization. A security vulnerability exists in Square Wire versions prior to 5.2.0, which stems from not enforcing a recursion...
AZL-58641 CVE-2024-8176 affecting package expat for versions less than 2.6.4-1
A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash...
Denial of service due to unbounded recursion in QuickTimeVideo::multipleEntriesDecoder in Exiv2
...
The vulnerability of the sqfs_size function in the U-Boot loader allows a hacker to execute arbitrary code.
The vulnerability of the sqfs_size function in the U-Boot loader is related to an uncontrolled recursion. Exploiting this vulnerability could allow a hacker to execute arbitrary code...
GHSA-2GH3-RMM4-6RQ5 Crash due to uncontrolled recursion in protobuf crate
Affected version of this crate did not properly parse unknown fields when parsing a user-supplied input. This allows an attacker to cause a stack overflow when parsing the message on untrusted data...
Crash due to uncontrolled recursion in protobuf crate
Affected version of this crate did not properly parse unknown fields when parsing a user-supplied input. This allows an attacker to cause a stack overflow when parsing the message on untrusted data...
PT-2025-28031 · Protobuf +1
Name of the Vulnerable Software and Affected Versions: protobuf crate for Rust versions prior to 3.7.2. Description: The issue allows uncontrolled recursion in the protobuf::coded_input_stream::CodedInputStream::skip_group function when parsing unknown fields in untrusted input. This can occur due...
CLSA-2025-1741291038 expat: Fix of CVE-2024-28757
CVE-2024-28757: Prevent billion laughs attacks in isolated external parser (part of 839). Reject direct parameter entity recursion (part of 839)...
Linux Distros Unpatched Vulnerability : CVE-2022-23901
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A stack overflow exists in re2c 2.2 due to infinite recursion issues in src/dfa/dead_rules.cc. CVE-2022-23901 Note that Nessus relies on the presence of the package...
Linux Distros Unpatched Vulnerability : CVE-2023-1436
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This leads...
Linux Distros Unpatched Vulnerability : CVE-2024-35886
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ipv6: Fix infinite recursion in fib6_dump_done. syzkaller reported infinite recursive calls of fib6_dump_done during netlink socket destruction. 1 From the log,...