CVE-2019-15542

An issue in the ammonia crate for Rust (before 2.1.0) causes uncontrolled recursion during HTML DOM tree serialization in the affected component. The documents provide the vulnerability description but do not specify exploit vectors, practical impact beyond potential recursion, or concrete remedi...

CVE-2018-20993

An issue was discovered in the yaml-rust crate before 0.4.1 for Rust. There is uncontrolled recursion during deserialization...

CVE-2018-20993

An issue was discovered in the yaml-rust crate before 0.4.1 for Rust. There is uncontrolled recursion during deserialization...

CVE-2018-20993

An issue was discovered in the yaml-rust crate before 0.4.1 for Rust. There is uncontrolled recursion during deserialization...

Deserialization of untrusted data

An issue was discovered in the yaml-rust crate before 0.4.1 for Rust. There is uncontrolled recursion during deserialization...

CVE-2018-20993

The CVE-2018-20993 entry concerns the yaml-rust crate for Rust, where versions before 0.4.1 allow uncontrolled recursion during deserialization. Affected is the yaml-rust crate (pre-0.4.1); impact is potential disruption/crash due to recursion depth. Remediation: upgrade to 0.4.1 or newer; if upg...

CVE-2018-20993

An issue was discovered in the yaml-rust crate before 0.4.1 for Rust. There is uncontrolled recursion during deserialization...

CVE-2018-20993

An issue was discovered in the yaml-rust crate before 0.4.1 for Rust. There is uncontrolled recursion during deserialization...

DEBIAN-CVE-2019-15144

In DjVuLibre 3.5.27, the sorting functionality aka GArrayTemplate::sort allows attackers to cause a denial-of-service application crash due to an Uncontrolled Recursion by crafting a PBM image file that is mishandled in libdjvu/GContainer.h...

UBUNTU-CVE-2019-15144

In DjVuLibre 3.5.27, the sorting functionality aka GArrayTemplate::sort allows attackers to cause a denial-of-service application crash due to an Uncontrolled Recursion by crafting a PBM image file that is mishandled in libdjvu/GContainer.h...

CVE-2019-15144

In DjVuLibre 3.5.27, the sorting functionality aka GArrayTemplate::sort allows attackers to cause a denial-of-service application crash due to an Uncontrolled Recursion by crafting a PBM image file that is mishandled in libdjvu/GContainer.h...

CVE-2019-15144

In DjVuLibre 3.5.27, the sorting functionality aka GArrayTemplate::sort allows attackers to cause a denial-of-service application crash due to an Uncontrolled Recursion by crafting a PBM image file that is mishandled in libdjvu/GContainer.h...

CVE-2019-15144

DjVuLibre 3.5.27 contains a denial-of-service flaw in GArrayTemplate::sort triggered by crafted PBM files (libdjvu/GContainer.h). This CVE is CVE-2019-15144. Connected advisories (Debian, Mageia, Gentoo, Fedora, Cloud Foundry, Astra Linux) confirm the issue and note fixes/updates to djvulibre pac...

Uncontrolled Recursion in Django

An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. If passed certain inputs, django.utils.encoding.uritoiri could lead to significant memory usage due to a recursion when repercent-encoding invalid UTF-8 octet sequences...

CVE-2019-1010182

yaml-rust 0.4.0 and earlier is affected by: Uncontrolled Recursion. The impact is: Denial of service by impossible to catch abort. The component is: YamlLoader::loadfromstr function. The attack vector is: Parsing of a malicious YAML document. The fixed version is: 0.4.1 and later...

CVE-2019-1010182

yaml-rust 0.4.0 and earlier is affected by: Uncontrolled Recursion. The impact is: Denial of service by impossible to catch abort. The component is: YamlLoader::loadfromstr function. The attack vector is: Parsing of a malicious YAML document. The fixed version is: 0.4.1 and later...

CVE-2019-1010182

yaml-rust 0.4.0 and earlier is affected by: Uncontrolled Recursion. The impact is: Denial of service by impossible to catch abort. The component is: YamlLoader::loadfromstr function. The attack vector is: Parsing of a malicious YAML document. The fixed version is: 0.4.1 and later...

CVE-2019-1010183

serde serdeyaml 0.6.0 to 0.8.3 is affected by: Uncontrolled Recursion. The impact is: Denial of service by aborting. The component is: from functions all deserialization functions. The attack vector is: Parsing a malicious YAML file. The fixed version is: 0.8.4 and later...

Deserialization of untrusted data

serde serdeyaml 0.6.0 to 0.8.3 is affected by: Uncontrolled Recursion. The impact is: Denial of service by aborting. The component is: from functions all deserialization functions. The attack vector is: Parsing a malicious YAML file. The fixed version is: 0.8.4 and later...

CVE-2019-1010182

Yaml-rust 0.4.0 and earlier are affected by Uncontrolled Recursion in YamlLoader::load_from_str. The impact is a Denial of Service via an uncatchable abort, triggered by parsing a malicious YAML document. The fix is in 0.4.1 and later. This aligns across Red Hat, Debian, Ubuntu, OSV, and NVD entr...