1055 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-21232
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - re2c before 2.0 has uncontrolled recursion that causes stack consumption in findfixedtags. CVE-2018-21232 Note that Nessus relies on the presence of the package...
Linux Distros Unpatched Vulnerability : CVE-2022-3222
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Uncontrolled Recursion in GitHub repository gpac/gpac prior to 2.1.0-DEV. CVE-2022-3222 Note that Nessus relies on the presence of the package as reported by th...
Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to an Uncontrolled Recursion vulnerability in Apache Commons [CVE-2025-48924]
Summary IBM Watson Speech Services Cartridge is vulnerable to an Uncontrolled Recursion vulnerability in Apache Commons Lang, caused by the methods ClassUtils.getClass... possibily throwing a StackOverflowError on very long inputs CVE-2025-48924. Apache Commons is used in our speech service...
Security Bulletin: Vulerability commons-lang3 affects IBM Integrated Analytics System
Summary The commons-lang3 library is used by IBM Integrated Analytics System for core utility functions. A vulnerability was identified in the ClassUtils.getClass... method, where uncontrolled recursion on very long inputs can trigger a StackOverflowError. As this error is often unhandled, it may...
Uncontrolled Recursion
Overview llama-index-core is an Interface between LLMs and your data Affected versions of this package are vulnerable to Uncontrolled Recursion via the JSONReader component. An attacker can cause excessive resource consumption and crash the process by submitting deeply nested JSON files...
CVE-2025-5302
A denial of service vulnerability exists in the JSONReader component of the run-llama/llamaindex repository, specifically in version v0.12.37. The vulnerability is caused by uncontrolled recursion when parsing deeply nested JSON files, which can lead to Python hitting its maximum recursion depth...
CVE-2025-5302
A denial of service vulnerability exists in the JSONReader component of the run-llama/llamaindex repository, specifically in version v0.12.37. The vulnerability is caused by uncontrolled recursion when parsing deeply nested JSON files, which can lead to Python hitting its maximum recursion depth...
CVE-2025-5302 Denial of Service (DOS) in JSONReader in run-llama/llama_index
A denial of service vulnerability exists in the JSONReader component of the run-llama/llamaindex repository, specifically in version v0.12.37. The vulnerability is caused by uncontrolled recursion when parsing deeply nested JSON files, which can lead to Python hitting its maximum recursion depth...
Linux Distros Unpatched Vulnerability : CVE-2019-9192
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the GNU C Library aka glibc or libc6 through 2.29, checkdstlimitscalcpos1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '|\1\1' in grep, ...
OESA-2025-2061 apache-commons-lang security update
The standard Java libraries fail to provide enough methods for manipulation of its core classes. Apache Commons Lang provides these extra methods. Security Fixes: A vulnerability classified as problematic has been found in Apache Commons Lang up to 2.6/3.17.x.CWE is classifying the issue as...
Security Bulletin: IBM Application Modernization Accelerator is affected by multiple vulnerabilities found in Java and Node.js (CVE-2025-48924, CVE-2025-4949)
Summary There are multiple vulnerabilities in Java and Node.js used by IBM Application Modernization Accelerator. Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with...
Amazon Linux 2023 : javapackages-bootstrap (ALAS2023-2025-1149)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1149 advisory. Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with commons-lang:commons-lang 2.0 to 2.6, and, from org.apache.commons:commons-lang3 3.0...
SUSE: Security Advisory (SUSE-SU-2025:02818-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : apache-commons-lang3 (SUSE-SU-2025:02818-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:02818-1 advisory. - Update to version 3.18.0 - CVE-2025-48924: Fixed an uncontrolled recursion vulnerability that may lead...
CVE-2025-24302
Uncontrolled recursion for some TinyCBOR libraries maintained by IntelR before version 0.6.1 may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2025-20025
Uncontrolled recursion for some TinyCBOR libraries maintained by IntelR before version 0.6.1 may allow an authenticated user to potentially enable denial of service via local access...
Security update for apache-commons-lang3
This update for apache-commons-lang3 fixes the following issues: CVE-2025-48924: Fixed an uncontrolled recursion vulnerability that may lead to a DoS. bsc1246397 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
SUSE-SU-2025:02786-1 Security update for apache-commons-lang3
This update for apache-commons-lang3 fixes the following issues: - CVE-2025-48924: Fixed an uncontrolled recursion vulnerability that may lead to a DoS. bsc1246397...
SUSE-SU-2025:02785-1 Security update for apache-commons-lang3
This update for apache-commons-lang3 fixes the following issues: - CVE-2025-48924: Fixed an uncontrolled recursion vulnerability that may lead to a DoS. bsc1246397...
Uncontrolled Recursion
Overview Affected versions of this package are vulnerable to Uncontrolled Recursion due to uncontrolled recursion in the CBOR data processing. An attacker can gain elevated privileges by providing specially crafted input that triggers excessive recursive calls. Remediation A fix was pushed into t...