
1055 matches found

Snyk
added 2026/03/19 9:30 p.m. | 1 view

Uncontrolled Recursion

Overview: Scriban is a fast, powerful, safe and lightweight scripting language and engine for .NET, which was primarily developed for text templating with a compatibility mode for parsing liquid templates. Today, not only Scriban can be used in text templating scenarios, but also can ...

CVSS 8.7 | AI score 5.9
Exploits 0 | References 2

NVD
added 2026/03/18 4:17 a.m. | 0 views

CVE-2026-30922

pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.3, the pyasn1 library is vulnerable to a Denial of Service (DoS) attack caused by uncontrolled recursion when decoding ASN.1 data with deeply nested structures. An attacker can supply a crafted payload containing thousands of nested SEQUENC...

CVSS 7.5 | EPSS 0.00027
Exploits 1 | References 4

Snyk
added 2026/03/17 5:35 p.m. | 4 views

Uncontrolled Recursion

Overview: parse-server is a version of the Parse backend that can be deployed to any infrastructure that can run Node.js. Affected versions of this package are vulnerable to Uncontrolled Recursion while processing deeply nested query condition operators. An attacker can cause the server process...

CVSS 8.7 | AI score 5.8 | EPSS 0.0002
Exploits 0 | References 2

Snyk
added 2026/03/17 4:17 p.m. | 2 views

Uncontrolled Recursion

Overview: Affected versions of this package are vulnerable to Uncontrolled Recursion when decoding ASN.1 data. An attacker can cause the application to crash or exhaust system memory by supplying specially crafted ASN.1 data with deeply nested SEQUENCE or SET tags using indefinite Length markers...

CVSS 8.7 | AI score 7.2 | EPSS 0.00027
Exploits 1 | References 2

Snyk
added 2026/03/17 2:07 p.m. | 2 views

Uncontrolled Recursion

Overview: justhtml is a pure Python HTML5 parser that just works. Affected versions of this package are vulnerable to Uncontrolled Recursion in the construction, when parsing deeply nested HTML structures. An attacker can cause the application to terminate unexpectedly or fail requests by...

CVSS 7.1 | AI score 5.8
Exploits 0 | References 2

Snyk
added 2026/03/16 8:53 p.m. | 1 view

Uncontrolled Recursion

Overview: Affected versions of this package are vulnerable to Uncontrolled Recursion in the convcontentmodel function when parsing an inline document type definition containing a deeply nested content model. An attacker can cause a stack overflow and crash the process by providing specially crafte...

CVSS 7.5 | AI score 5.9 | EPSS 0.00049
Exploits 0 | References 2

Github Security Blog
added 2026/03/13 8:57 p.m. | 236 views

AutoMapper Vulnerable to Denial of Service (DoS) via Uncontrolled Recursion

Summary: AutoMapper is vulnerable to a Denial of Service (DoS) attack. When mapping deeply nested object graphs, the library uses recursive method calls without enforcing a default maximum depth limit. This allows an attacker to provide a specially crafted object graph that exhausts the thread's sta...

CVSS 7.5 | AI score 5.9 | EPSS 0.00027
Exploits 1 | References 7 | Affected Software 1

Snyk
added 2026/03/13 8:57 p.m. | 2 views

Uncontrolled Recursion

Overview: Affected versions of this package are vulnerable to Uncontrolled Recursion in the core mapping engine when handling deeply nested object graphs. An attacker can cause the application to crash. Remediation: Upgrade AutoMapper to version 15.1.3, 16.1.1 or higher. References: - GitHub Advisor...

CVSS 8.7 | AI score 5.8 | EPSS 0.00027
Exploits 1 | References 2

IBM Security Bulletins
added 2026/03/13 8:06 p.m. | 7 views

Security Bulletin: Vulnerability in libxml2 (CVE-2025-8732) affects AIX/VIOS

Summary: Updated Mar 13 2026: Added iFix information for VIOS 3.1. Vulnerability in libxml2 could cause an uncontrolled recursion (CVE-2025-8732). AIX uses libxml2 as part of its XML parsing functions. Vulnerability Details: CVEID: CVE-2025-8732 DESCRIPTION: A vulnerability was found in libxml2 up to...

CVSS 4.8 | AI score 4.7 | EPSS 0.00066
Exploits 0 | Affected Software 2

OSV
added 2026/03/13 9:35 a.m. | 2 views

BIT-GITLAB-2026-1069 Uncontrolled Recursion in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.9 before 18.9.2 that could have allowed an unauthenticated user to cause a denial of service by sending specially crafted GraphQL requests due to uncontrolled recursion under certain circumstances...

CVSS 7.5 | AI score 5.8 | EPSS 0.00033
Exploits 0 | References 4

GitLab Advisory Database
added 2026/03/13 12:00 a.m. | 6 views

AutoMapper Vulnerable to Denial of Service (DoS) via Uncontrolled Recursion

AutoMapper is vulnerable to a Denial of Service (DoS) attack. When mapping deeply nested object graphs, the library uses recursive method calls without enforcing a default maximum depth limit. This allows an attacker to provide a specially crafted object graph that exhausts the thread's stack memor...

AI score 5.8
Exploits 0 | References 6 | Affected Software 1

Redos
added 2026/03/13 12:00 a.m. | 3 views

ROS-20260313-73-0029

A vulnerability in the clippush function of the Linux operating system kernel is related to uncontrolled recursion. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CVSS 7.8 | AI score 7.3 | EPSS 0.00045
Exploits 0

GitLab Advisory Database
added 2026/03/13 12:00 a.m. | 4 views

AutoMapper Vulnerable to Denial of Service (DoS) via Uncontrolled Recursion

AutoMapper is vulnerable to a Denial of Service (DoS) attack. When mapping deeply nested object graphs, the library uses recursive method calls without enforcing a default maximum depth limit. This allows an attacker to provide a specially crafted object graph that exhausts the thread's stack memor...

CVSS 7.5 | AI score 5.8 | EPSS 0.00027
Exploits 1 | References 7 | Affected Software 1

Snyk
added 2026/03/12 8:41 p.m. | 2 views

Uncontrolled Recursion

Overview: Affected versions of this package are vulnerable to Uncontrolled Recursion via the parse function due to using a recursive revive phase to resolve circular references in deserialized JSON. An attacker can cause a stack overflow and crash the process by supplying a crafted payload with...

CVSS 8.7 | AI score 5.9 | EPSS 0.00022
Exploits 1 | References 2

NVD
added 2026/03/11 4:16 p.m. | 2 views

CVE-2026-1069

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.9 before 18.9.2 that could have allowed an unauthenticated user to cause a denial of service by sending specially crafted GraphQL requests due to uncontrolled recursion under certain circumstances...

CVSS 7.5 | EPSS 0.00033
Exploits 0 | References 3

Vulnrichment
added 2026/03/11 4:05 p.m. | 0 views

CVE-2026-1069 Uncontrolled Recursion in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.9 before 18.9.2 that could have allowed an unauthenticated user to cause a denial of service by sending specially crafted GraphQL requests due to uncontrolled recursion under certain circumstances...

CVSS 7.5 | AI score 5.8 | EPSS 0.00033
Exploits 0 | References 3

Debian CVE
added 2026/03/11 4:05 p.m. | 3 views

CVE-2026-1069

Removed by vendor...

CVSS 7.5 | AI score 5.8 | EPSS 0.00033
Exploits 0

Redos
added 2026/03/11 12:00 a.m. | 2 views

ROS-20260311-73-0007

A vulnerability in the MongoDB database management system server is related to uncontrolled recursion. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

CVSS 7.5 | AI score 5.8 | EPSS 0.00077
Exploits 0

OPENSUSE Linux
added 2026/03/11 12:00 a.m. | 3 views

Security update for coredns (important)

openSUSE Security Update: Security update for coredns Announcement ID: openSUSE-SU-2026:0080-1 Rating: important References: 1255345 1259319 1259320 Cross-References: CVE-2025-68156 CVE-2026-26017 CVE-2026-26018 CVSS scores: CVE-2025-68156 SUSE: 8.7...

CVSS 8.7 | AI score 7.2 | EPSS 0.0004
Exploits 1 | References 3

CVE
added 2026/03/10 6:07 p.m. | 7 views

CVE-2026-30980

iccDEV contains a stack overflow in CIccBasicStructFactory::CreateStruct() that can lead to uncontrolled recursion/stack exhaustion and crash. Affected versions are prior to 2.3.1.5; the issue is fixed in 2.3.1.5. Upgrade to 2.3.1.5 to remediate.

CVSS 5.5 | AI score 5.8 | EPSS 0.00015
Exploits 0 | References 4 | Affected Software 1