PT-2026-4937

The vulnerability stems from an incorrect error-checking logic in the CreateCounter function in threadx/utility/rtos compatibility layers/OSEK/tx osek.c when handling the return value of osek get counter. Specifically, the current code checks if cntr id equals 0u to determine failure, but @osek g...

Loofah gem for Ruby 安全漏洞

The Loofah gem for Ruby is a Ruby-based library for processing and converting HTML/XML documents. A security vulnerability exists in Loofah gem for Ruby versions 2.19.1 through 2.2.0, which stems from the use of recursion to clean up the CDATA section, making it susceptible to stack exhaustion an...

Uncontrolled Recursion

Overview loofah is a general library for manipulating and transforming HTML/XML documents and fragments, built on top of Nokogiri. Affected versions of this package are vulnerable to Uncontrolled Recursion when it uses recursion for sanitizing CDATA sections, making it susceptible to stack...

SUSE-SU-2015:1522-1 Security update for rubygem-rack-1_4

rubygem-rack-14 was updated to fix one security issue. This security issue was fixed: - CVE-2015-3225: Crafted requests could have caused a SystemStackError leading to Denial of Service. bsc934797...