1056 matches found
Amazon Linux AMI : vim (ALAS-2022-1628)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2022-1628 advisory. Use after free in appendcommand in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote...
Design/Logic Flaw
Juniper is a GraphQL server library for Rust. Affected versions of Juniper are vulnerable to uncontrolled recursion resulting in a program crash. This issue has been addressed in version 0.15.10. Users are advised to upgrade. Users unable to upgrade should limit the recursion depth manually...
CVE-2022-31173
CVE-2022-31173 affects the Juniper GraphQL server library for Rust. Affected versions are vulnerable to uncontrolled recursion, causing a program crash (denial of service). The issue is addressed in version 0.15.10; users should upgrade. If upgrading is not possible, a manual limit on recursion d...
graphql-rust resource management error vulnerability
graphql-rust is a Rust-based GraphQL server library. A resource management error vulnerability exists in versions of graphql-rust Juniper prior to 0.15.10, which stems from vulnerability to uncontrolled recursion that can cause a program to crash...
Amazon Linux 2 : vim (ALAS-2022-1829)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1829 advisory. Use after free in appendcommand in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote...
Uncontrolled Recursion
Overview: std/io/fs is a Go standard library package. Affected versions of this package are vulnerable to Uncontrolled Recursion. Go Vulnerability Report: Calling Glob on a path which contains a large number of path separators can cause a panic due to stack exhaustion. Remediation: Upgrade...
Uncontrolled Recursion
Overview: std/encoding/xml is a Go standard library package. Affected versions of this package are vulnerable to Uncontrolled Recursion. Go Vulnerability Report: Unmarshaling an XML document into a Go struct which has a nested field that uses the 'any' field tag can panic due to...
Uncontrolled Recursion
Overview: std/path/filepath is a Go standard library package. Affected versions of this package are vulnerable to Uncontrolled Recursion. Go Vulnerability Report: Calling Glob on a path which contains a large number of path separators can cause a panic due to stack exhaustion...
Uncontrolled Recursion
Overview: std/encoding/xml is a Go standard library package. Affected versions of this package are vulnerable to Uncontrolled Recursion. Go Vulnerability Report: Calling Decoder.Skip when parsing a deeply nested XML document can cause a panic due to stack exhaustion. Remediation...
Uncontrolled Recursion
Overview: std/net/http is a Go standard library package. Affected versions of this package are vulnerable to Uncontrolled Recursion. Go Vulnerability Report: A malicious HTTP server or client can cause the net/http client or server to panic. ReadRequest and ReadResponse can hit an...
CVE-2022-31099 Uncontrolled Recursion in rulex
rulex is a new, portable, regular expression language. When parsing untrusted rulex expressions, the stack may overflow, possibly enabling a Denial of Service attack. This happens when parsing an expression with several hundred levels of nesting, causing the process to abort immediately. This is ...
OESA-2022-1717 vim security update
Vim is an advanced text editor that seeks to provide the power of the de-facto Unix editor 'Vi', with a more complete feature set. Vim is a highly configurable text editor built to enable efficient text editing. It is an improved version of the vi editor distributed with most UNIX systems. Securi...
SUSE SLED15 / SLES15 Security Update : vim (SUSE-SU-2022:2102-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2102-1 advisory. - CVE-2017-17087: Fixed information leak via .swp files bsc1070955. - CVE-2021-3875: Fixed heap-based buffer...
GHSA-H86H-8PPG-MXMH golang.org/x/net/http/httpguts vulnerable to Uncontrolled Recursion
golang.org/x/net/http/httpguts in Go before 1.15.12 and 1.16.x before 1.16.4 allows remote attackers to cause a denial of service panic via a large header to ReadRequest or ReadResponse. Server, Transport, and Client can each be affected in some configurations...
golang.org/x/net/http/httpguts vulnerable to Uncontrolled Recursion
golang.org/x/net/http/httpguts in Go before 1.15.12 and 1.16.x before 1.16.4 allows remote attackers to cause a denial of service panic via a large header to ReadRequest or ReadResponse. Server, Transport, and Client can each be affected in some configurations...
Uncontrolled Recursion
net/http in Go before 1.15.12 and 1.16.x before 1.16.4 allows remote attackers to cause a denial of service panic via a large header to ReadRequest or ReadResponse. Server, Transport, and Client can each be affected in some configurations...
re2c -- uncontrolled recursion
re2c reports: re2c before 2.0 has uncontrolled recursion that causes stack consumption in findfixedtags...
Uncontrolled Recursion
Overview: std/encoding/pem is a Go standard library package. Affected versions of this package are vulnerable to Uncontrolled Recursion. Go Vulnerability Report: Stack overflow via a large amount of PEM data via the Decode function. An attacker can cause a stack overflow and...
CVE-2022-1771
Uncontrolled Recursion in GitHub repository vim/vim prior to 8.2.4975...