342 matches found
CVE-2025-67899
A flaw was found in uriparser. This vulnerability allows unbounded recursion and stack consumption via large input containing many commas. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising...
GHSA-CFPF-HRX2-8RV6 Expr has Denial of Service via Unbounded Recursion in Builtin Functions
Several builtin functions in Expr, including flatten, min, max, mean, and median, perform recursive traversal over user-provided data structures without enforcing a maximum recursion depth. If the evaluation environment contains deeply nested or cyclic data structures, these functions may recurse...
Expr has Denial of Service via Unbounded Recursion in Builtin Functions
Several builtin functions in Expr, including flatten, min, max, mean, and median, perform recursive traversal over user-provided data structures without enforcing a maximum recursion depth. If the evaluation environment contains deeply nested or cyclic data structures, these functions may recurse...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the flatten, min, max, mean, and median functions when processing deeply nested or cyclic data structures. An attacker can cause the application to crash by supplying maliciously...
CVE-2025-68156 Expr has Denial of Service via Unbounded Recursion in Builtin Functions
Expr is an expression language and expression evaluation for Go. Prior to version 1.17.7, several builtin functions in Expr, including flatten, min, max, mean, and median, perform recursive traversal over user-provided data structures without enforcing a maximum recursion depth. If the evaluation...
CVE-2025-68156 Expr has Denial of Service via Unbounded Recursion in Builtin Functions
Expr is an expression language and expression evaluation for Go. Prior to version 1.17.7, several builtin functions in Expr, including flatten, min, max, mean, and median, perform recursive traversal over user-provided data structures without enforcing a maximum recursion depth. If the evaluation...
SUSE CVE-2025-67899
uriparser through 0.9.9 allows unbounded recursion and stack consumption, as demonstrated by ParseMustBeSegmentNzNc with large input containing many commas...
EUVD-2025-203311
uriparser through 0.9.9 allows unbounded recursion and stack consumption, as demonstrated by ParseMustBeSegmentNzNc with large input containing many commas...
Linux Distros Unpatched Vulnerability : CVE-2025-67899
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - uriparser through 0.9.9 allows unbounded recursion and stack consumption, as demonstrated by ParseMustBeSegmentNzNc with large input containing many commas...
DEBIAN-CVE-2025-67899
uriparser through 0.9.9 allows unbounded recursion and stack consumption, as demonstrated by ParseMustBeSegmentNzNc with large input containing many commas...
CVE-2025-67899
uriparser through 0.9.9 allows unbounded recursion and stack consumption, as demonstrated by ParseMustBeSegmentNzNc with large input containing many commas...
AZL-72862 CVE-2025-67899 affecting package uriparser 0.9.7-2
uriparser through 0.9.9 allows unbounded recursion and stack consumption, as demonstrated by ParseMustBeSegmentNzNc with large input containing many commas...
AZL-72379 CVE-2025-67899 affecting package uriparser 0.9.8-3
uriparser through 0.9.9 allows unbounded recursion and stack consumption, as demonstrated by ParseMustBeSegmentNzNc with large input containing many commas...
CVE-2025-67899
uriparser through 0.9.9 allows unbounded recursion and stack consumption, as demonstrated by ParseMustBeSegmentNzNc with large input containing many commas...
UBUNTU-CVE-2025-67899
uriparser through 0.9.9 allows unbounded recursion and stack consumption, as demonstrated by ParseMustBeSegmentNzNc with large input containing many commas...
CVE-2025-67899
uriparser through 0.9.9 allows unbounded recursion and stack consumption, as demonstrated by ParseMustBeSegmentNzNc with large input containing many commas...
CVE-2025-67899
uriparser through 0.9.9 allows unbounded recursion and stack consumption, as demonstrated by ParseMustBeSegmentNzNc with large input containing many commas...
CVE-2025-67899
uriparser through 0.9.9 allows unbounded recursion and stack consumption, as demonstrated by ParseMustBeSegmentNzNc with large input containing many commas...
CVE-2025-67899
uriparser through 0.9.9 allows unbounded recursion and stack consumption, as demonstrated by ParseMustBeSegmentNzNc with large input containing many commas...
CVE-2025-67899
CVE-2025-67899 affects uriparser up to version 0.9.9, where unbounded recursion leads to stack consumption on large inputs (ParseMustBeSegmentNzNc with many commas). Connected advisories confirm the issue and direct upgrade to uriparser-1.0.0 as the remediation (e.g., Fedora/FEDORA advisories). O...