CVE-2025-23325

NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause uncontrolled recursion through a specially crafted input. A successful exploit of this vulnerability might lead to denial of service...

libxml2 安全漏洞

libxml2 is a GNOME open source library for parsing XML documents. It is written in C and can be called by many languages, such as C, C++, and XSH. A security vulnerability exists in libxml2 version 2.14.5 and earlier, which stems from an uncontrolled recursion problem...

PT-2025-32375

Name of the Vulnerable Software and Affected Versions libxml2 versions up to 2.14.5 Description A vulnerability exists in libxml2 related to uncontrolled recursion within the xmlParseSGMLCatalog function of the xmlcatalog component. The issue can be triggered with untrusted SGML catalogs. The...

CVE-2025-23325

NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause uncontrolled recursion through a specially crafted input. A successful exploit of this vulnerability might lead to denial of service...

CVE-2025-23325

NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause uncontrolled recursion through a specially crafted input. A successful exploit of this vulnerability might lead to denial of service...

CVE-2025-23325

NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause uncontrolled recursion through a specially crafted input. A successful exploit of this vulnerability might lead to denial of service...

CVE-2025-23325

CVE-2025-23325 affects NVIDIA Triton Inference Server for Windows and Linux. The vulnerability is an attacker-caused uncontrolled recursion via crafted input, with a stated potential impact of denial of service. The entry lists a CVSS v3.1 base score of 7.5 (High) with network attack vector and n...

Uncontrolled Recursion

Overview Affected versions of this package are vulnerable to Uncontrolled Recursion through the pdfseparate process. An attacker can cause the application to enter an infinite recursion by supplying a specially crafted PDF file, resulting in resource exhaustion and service disruption. Remediation...

Uncontrolled Recursion

Overview Affected versions of this package are vulnerable to Uncontrolled Recursion when processing a crafted PDF file containing cyclic /Next references in the outline structure via the stripoutline function. An attacker can cause the application to enter an infinite recursion and crash by...

Uncontrolled Recursion

Overview PyMuPDF is an A high performance Python library for data extraction, analysis, conversion & manipulation of PDF and other documents. Affected versions of this package are vulnerable to Uncontrolled Recursion when processing a crafted PDF file containing cyclic /Next references in the...

Uncontrolled Recursion

Overview PyMuPDFPro is a Commercial extensions for PyMuPDF; enables Office document handling, including doc, docx, hwp, hwpx, ppt, pptx, xls, xls, and others. Supports text and table extraction, document conversion and more. Affected versions of this package are vulnerable to Uncontrolled Recursi...

Uncontrolled Recursion

Overview mupdf is a MuPDF.js Affected versions of this package are vulnerable to Uncontrolled Recursion when processing a crafted PDF file containing cyclic /Next references in the outline structure via the stripoutline function. An attacker can cause the application to enter an infinite recursio...

PT-2025-32164 · Nvidia · Nvidia Triton Inference Server

Name of the Vulnerable Software and Affected Versions: NVIDIA Triton Inference Server for Windows and Linux affected versions not specified Description: The NVIDIA Triton Inference Server contains a flaw that allows an attacker to trigger uncontrolled recursion with a crafted input. Successful...

Amazon Linux 2023 : cargo, clippy, rust (ALAS2023-2025-1092)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1092 advisory. The protobuf crate before 3.7.2 for Rust allows uncontrolled recursion in the protobuf::codedinputstream::CodedInputStream::skipgroup parsing of unknown fields in untrusted input. CVE-2025-53605 Tenabl...

com.nimbusds/nimbus-jose-jwt: Uncontrolled recursion in Connect2id Nimbus JOSE + JWT

A denial of service flaw has been discovered in Connect2id Nimbus JOSE + JWT. This issue can allow a remote attacker to cause a denial of service via a deeply nested JSON object supplied in a JWT claim set...

Amazon Linux 2 : rust (ALAS-2025-2933)

The version of rust installed on the remote host is prior to 1.86.0-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2933 advisory. The protobuf crate before 3.7.2 for Rust allows uncontrolled recursion in the protobuf::codedinputstream::CodedInputStream::skipgroup...

Security Bulletin: IBM Sterling Connect:Direct Web Services uses commons-lang3 and is vulnerable to CVE-2025-48924

Summary IBM Sterling Connect:Direct Web Services is vulnerable to uncontrolled recursion vulnerability in Apache Commons Lang. This has been addressed in new build available from IBM Repository. Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache...

The vulnerability of the MongoDB database management system server allows a hacker to cause a service failure.

The vulnerability of the MongoDB database management system server is related to an uncontrolled recursion. Exploiting this vulnerability allows a malicious actor to cause service interruptions remotely...

The vulnerability of the ClassUtils.getClass() function in the Apache Commons Lang library for the Java programming language allows a attacker to trigger a denial-of-service attack.

The vulnerability of the ClassUtils.getClass method in the Apache Commons Lang library for the Java programming language is related to an uncontrolled recursion. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

Denial Of Service (DoS)

com.nimbusds:nimbus-jose-jwt is vulnerable to Denial Of Service DoS. The vulnerability is due to uncontrolled recursion due to lack of validation on JSON object nesting depth in JWT claim sets, allowing remote attackers to exhaust system resources with deeply nested structures...