173 matches found
Uncontrolled Recursion
Overview Affected versions of this package are vulnerable to Uncontrolled Recursion via the toString function in the AST Serialization. An attacker can cause uncontrolled recursion by providing specially crafted input, potentially resulting in resource exhaustion and application unavailability...
Uncontrolled Recursion
Overview Affected versions of this package are vulnerable to Uncontrolled Recursion via the toString function in the AST Serialization. An attacker can cause uncontrolled recursion by providing specially crafted input, potentially resulting in resource exhaustion and application unavailability...
CVE-2026-9358
A vulnerability was determined in postcss up to 7.1.1. Affected is the function toString of the file src/selectors/container.js of the component AST Serialization. Executing a manipulation can lead to uncontrolled recursion. It is possible to launch the attack remotely. The exploit has been...
CVE-2026-9358
A vulnerability was determined in postcss up to 7.1.1. Affected is the function toString of the file src/selectors/container.js of the component AST Serialization. Executing a manipulation can lead to uncontrolled recursion. It is possible to launch the attack remotely. The exploit has been...
EUVD-2026-31571
A vulnerability was determined in postcss up to 7.1.1. Affected is the function toString of the file src/selectors/container.js of the component AST Serialization. Executing a manipulation can lead to uncontrolled recursion. It is possible to launch the attack remotely. The exploit has been...
CVE-2026-9358
The CVE-2026-9358 vulnerability affects postcss up to 7.1.1, specifically the toString function in src/selectors/container.js of the AST Serialization component. A manipulated input can cause uncontrolled recursion, enabling a remote DoS. Public exploitation is indicated, with PoC-like details ci...
CVE-2026-9358 postcss AST Serialization container.js toString recursion
A vulnerability was determined in postcss up to 7.1.1. Affected is the function toString of the file src/selectors/container.js of the component AST Serialization. Executing a manipulation can lead to uncontrolled recursion. It is possible to launch the attack remotely. The exploit has been...
PostCSS 安全漏洞
PostCSS is an open-source style transformation tool developed by PostCSS. Versions of PostCSS 7.1.1 and earlier contained a security vulnerability. This vulnerability stemmed from improper handling of the toString function in the file/src/selectors/container.js component AST serialization, which...
PT-2026-42916
A vulnerability was determined in postcss up to 7.1.1. Affected is the function toString of the file src/selectors/container.js of the component AST Serialization. Executing a manipulation can lead to uncontrolled recursion. It is possible to launch the attack remotely. The exploit has been...
Insertion of Sensitive Information into Log File
Overview org.apache.kafka:kafka-clients is a streaming platform that can publish and subscribe to streams of records, store streams of records in a fault-tolerant durable way, and process streams of records as they occur. Affected versions of this package are vulnerable to Insertion of Sensitive...
OSV-2026-354 Use-of-uninitialized-value in pcpp::MplsLayer::toString
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=489360236 Crash type: Use-of-uninitialized-value Crash state: pcpp::MplsLayer::toString FuzzTarget.cpp pcpp::RawPacket::RawPacket...
This affects versions of the package bn.js before 5.2.3. Calling maskn(0) on any BN instance corrupts the internal state, causing toString(), divmod(), and other methods to enter an infinite loop, hanging the process indefinitely.
...
bn.js affected by an infinite loop
This affects versions of the package bn.js before 4.12.3 and 5.2.3. Calling maskn0 on any BN instance corrupts the internal state, causing toString, divmod, and other methods to enter an infinite loop, hanging the process indefinitely...
GHSA-378V-28HJ-76WF bn.js affected by an infinite loop
This affects versions of the package bn.js before 4.12.3 and 5.2.3. Calling maskn0 on any BN instance corrupts the internal state, causing toString, divmod, and other methods to enter an infinite loop, hanging the process indefinitely...
CVE-2026-2739
This affects versions of the package bn.js before 5.2.3. Calling maskn0 on any BN instance corrupts the internal state, causing toString, divmod, and other methods to enter an infinite loop, hanging the process indefinitely...
DEBIAN-CVE-2026-2739
This affects versions of the package bn.js before 5.2.3. Calling maskn0 on any BN instance corrupts the internal state, causing toString, divmod, and other methods to enter an infinite loop, hanging the process indefinitely...
CVE-2026-2739
This affects versions of the package bn.js before 5.2.3. Calling maskn0 on any BN instance corrupts the internal state, causing toString, divmod, and other methods to enter an infinite loop, hanging the process indefinitely...
CVE-2026-2739
This affects versions of the package bn.js before 5.2.3. Calling maskn0 on any BN instance corrupts the internal state, causing toString, divmod, and other methods to enter an infinite loop, hanging the process indefinitely...
CVE-2026-2739
This affects versions of the package bn.js before 5.2.3. Calling maskn0 on any BN instance corrupts the internal state, causing toString, divmod, and other methods to enter an infinite loop, hanging the process indefinitely...
CVE-2026-2739
CVE-2026-2739 affects bn.js versions before 5.2.3. Calling maskn(0) on any BN instance corrupts internal state, causing toString(), divmod(), and related methods to enter an infinite loop and hang the process. The Snyk/NVD/CVE listings confirm the impact and provide examples; the recommended reme...