Spoofing

In the Linux kernel, the following vulnerability has been resolved: tracing: Restructure traceclockglobal to never block It was reported that a fix to the ring buffer recursion detection would cause a hung machine when performing suspend / resume testing. The following backtrace was extracted fro...

UBUNTU-CVE-2021-46939

In the Linux kernel, the following vulnerability has been resolved: tracing: Restructure traceclockglobal to never block It was reported that a fix to the ring buffer recursion detection would cause a hung machine when performing suspend / resume testing. The following backtrace was extracted fro...

CVE-2021-46939 tracing: Restructure trace_clock_global() to never block

In the Linux kernel, the following vulnerability has been resolved: tracing: Restructure traceclockglobal to never block It was reported that a fix to the ring buffer recursion detection would cause a hung machine when performing suspend / resume testing. The following backtrace was extracted fro...

Denial Of Service (DoS)

orjson is vulnerable to Denial Of Service. The vulnerability is due to the lack of recursion depth limits during parsing, which allows attackers to potentially cause denial of service by supplying deeply nested JSON documents...

MikroTik RouterOS Uncontrolled Recursion (CVE-2019-13955)

Mikrotik RouterOS before 6.44.5 long-term release tree is vulnerable to stack exhaustion. By sending a crafted HTTP request, an authenticated remote attacker can crash the HTTP server via recursive parsing of JSON. Malicious code cannot be injected. This plugin only works with Tenable.ot. Please...

MikroTik RouterOS Uncontrolled Recursion (CVE-2018-1158)

Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to a stack exhaustion vulnerability. An authenticated remote attacker can crash the HTTP server via recursive parsing of JSON. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

GHSA-PWR2-4V36-6QPR orjson does not limit recursion for deeply nested JSON documents

orjson.loads in orjson before 3.9.15 does not limit recursion for deeply nested JSON documents...

orjson does not limit recursion for deeply nested JSON documents

orjson.loads in orjson before 3.9.15 does not limit recursion for deeply nested JSON documents...

PYSEC-2024-40

orjson.loads in orjson before 3.9.15 does not limit recursion for deeply nested JSON documents...

CVE-2024-27454

orjson.loads in orjson before 3.9.15 does not limit recursion for deeply nested JSON documents...

CVE-2024-27454

orjson.loads in orjson before 3.9.15 does not limit recursion for deeply nested JSON documents...

PYSEC-2024-40

orjson.loads in orjson before 3.9.15 does not limit recursion for deeply nested JSON documents...

Design/Logic Flaw

orjson.loads in orjson before 3.9.15 does not limit recursion for deeply nested JSON documents...

DEBIAN-CVE-2024-27454

orjson.loads in orjson before 3.9.15 does not limit recursion for deeply nested JSON documents...

CVE-2024-27454

orjson.loads in orjson before 3.9.15 does not limit recursion for deeply nested JSON documents...

orjson Security Vulnerabilities

orjson is a fast and correct Python JSON library for ijl individual developers. A security vulnerability exists in versions of orjson prior to 3.9.15, which stems from recursion in unrestricted deeply nested JSON documents...

CVE-2024-27454

orjson.loads in orjson before 3.9.15 does not limit recursion for deeply nested JSON documents...

The vulnerability of the Open vSwitch component in the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the Open vSwitch component in the Linux operating system is related to an uncontrolled recursion. Exploiting this vulnerability could allow a attacker to cause a service failure...

CVE-2024-27454

orjson.loads in orjson before 3.9.15 does not limit recursion for deeply nested JSON documents...

CVE-2024-27454

The CVE-2024-27454 issue affects the orjson project: orjson before 3.9.15 does not limit recursion for deeply nested JSON documents. Affected component is the orjson loader/parse path (orjson.loads) with potential recursion explosion. The vulnerability is reflected in CVSS 3.1 as HIGH impact to a...