1134 matches found

Snyk
added 2025/05/10 1:21 p.m., 5 views

Uncontrolled Recursion

Overview llama-index-readers-web is a llama-index readers web integration Affected versions of this package are vulnerable to Uncontrolled Recursion due to improper handling of the max_depth parameter in the get_article_urls function. An attacker can exhaust system resources and crash the applicatio...

CVSS 8.7 | AI score 6.9 | EPSS 0.00438
Exploits: 1 | References: 2

Tenable Nessus
added 2025/04/29 12:0 a.m., 11 views

Amazon Linux 2 : runc (ALASNITRO-ENCLAVES-2025-055)

The version of runc installed on the remote host is prior to 1.1.3-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2025-055 advisory. Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go...

CVSS 7.8 | AI score 7.3 | EPSS 0.05292
Exploits: 6 | References: 32

Veracode
added 2025/04/18 6:45 p.m., 8 views

Stack Overflow

Helm is vulnerable to Stack Overflow. The vulnerability is due to uncontrolled recursion due to deeply nested $ref chains in JSON Schema files within charts, which can exceed the stack size limit during parsing...

CVSS 6.5 | AI score 6.5 | EPSS 0.00383
Exploits: 0 | References: 3 | Affected Software: 1

IBM Security Bulletins
added 2025/04/15 3:20 a.m., 31 views

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data v5.0.3 is vulnerable to multiple Base OS issues

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data v5.0.3 is vulnerable to multiple Base OS issues. We have updated the base image used by our Speech Services and the following vulnerabilities have been addressed. Please read the details for remediation below. Vulnerability...

CVSS 9.8 | AI score 9.2 | EPSS 0.05533
Exploits: 2 | Affected Software: 1

Snyk
added 2025/04/09 10:28 p.m., 3 views

Uncontrolled Recursion

Overview Affected versions of this package are vulnerable to Uncontrolled Recursion in the LoadArchiveFiles function in archive.go. An attacker can cause a stack overflow by submitting a JSON Schema with excessive nested references. Workaround This vulnerability can be mitigated by ensuring that...

CVSS 7.1 | AI score 7.2 | EPSS 0.00383
Exploits: 0 | References: 2

Snyk
added 2025/04/09 10:28 p.m., 2 views

Uncontrolled Recursion

Overview Affected versions of this package are vulnerable to Uncontrolled Recursion in the LoadArchiveFiles function in archive.go. An attacker can cause a stack overflow by submitting a JSON Schema with excessive nested references. Workaround This vulnerability can be mitigated by ensuring that...

CVSS 7.1 | AI score 7.2 | EPSS 0.00383
Exploits: 0 | References: 2

Snyk
added 2025/04/09 10:28 p.m., 1 views

Uncontrolled Recursion

Overview Affected versions of this package are vulnerable to Uncontrolled Recursion in the LoadArchiveFiles function in archive.go. An attacker can cause a stack overflow by submitting a JSON Schema with excessive nested references. Workaround This vulnerability can be mitigated by ensuring that...

CVSS 7.1 | AI score 7.2 | EPSS 0.00383
Exploits: 0 | References: 2

Snyk
added 2025/04/09 10:28 p.m., 2 views

Uncontrolled Recursion

Overview Affected versions of this package are vulnerable to Uncontrolled Recursion in the LoadArchiveFiles function in archive.go. An attacker can cause a stack overflow by submitting a JSON Schema with excessive nested references. Workaround This vulnerability can be mitigated by ensuring that...

CVSS 7.1 | AI score 7.2 | EPSS 0.00383
Exploits: 0 | References: 2

Snyk
added 2025/04/09 10:28 p.m., 3 views

Uncontrolled Recursion

Overview Affected versions of this package are vulnerable to Uncontrolled Recursion in the LoadArchiveFiles function in archive.go. An attacker can cause a stack overflow by submitting a JSON Schema with excessive nested references. Workaround This vulnerability can be mitigated by ensuring that...

CVSS 7.1 | AI score 7.1 | EPSS 0.00383
Exploits: 0 | References: 2

IBM Security Bulletins
added 2025/04/04 9:20 p.m., 17 views

Security Bulletin: IBM Storage Fusion Data Foundation is vulnerable to uncontrolled recursion in golang (CVE-2022-30631)

Summary Golang is used by IBM Storage Fusion Data Foundation in mcg and cephcsi. as part of the operator. This bulletin identifies the steps to take to address the vulnerability in IBM Storage Fusion Data Foundation. CVE-2022-30631. Vulnerability Details CVEID:CVE-2022-30631 DESCRIPTION: Golang G...

CVSS 7.5 | AI score 6.9 | EPSS 0.01615
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2025/04/04 9:18 p.m., 7 views

Security Bulletin: IBM Storage Fusion Data Foundation is vulnerable to Uncontrolled Recursion in golang (CVE-2022-30632)

Summary Golang is used by IBM Storage Fusion Data Foundation in mcg and cephcsi. as part of the operator. This bulletin identifies the steps to take to address the vulnerability in IBM Storage Fusion Data Foundation. CVE-2022-30632. Vulnerability Details CVEID:CVE-2022-30632 DESCRIPTION: Golang G...

CVSS 7.5 | AI score 6.9 | EPSS 0.01618
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2025/04/04 9:15 p.m., 7 views

Security Bulletin: IBM Storage Fusion Data Foundation is vulnerable to Uncontrolled Recursion in Golang (CVE-2022-30635)

Summary Golang is used by IBM Storage Fusion Data Foundation as part of the operator's intrinsic functionality. This bulletin identifies the steps to take to address the vulnerability in IBM Storage Fusion Data Foundation. CVE-2022-30635. Vulnerability Details CVEID:CVE-2022-30635 DESCRIPTION:...

CVSS 7.5 | AI score 6.9 | EPSS 0.01403
Exploits: 0 | Affected Software: 1

Veracode
added 2025/03/21 5:4 a.m., 11 views

Uncontrolled Recursion

Square Wire is vulnerable to Uncontrolled Recursion. The vulnerability is due to uncontrolled recursion depth due to the lack of a recursion limit on nested groups in ByteArrayProtoReader32.kt and ProtoReader.kt, which can lead to excessive resource consumption or stack overflow...

CVSS 5.8 | AI score 6.6 | EPSS 0.00415
Exploits: 0 | References: 4 | Affected Software: 1

Snyk
added 2025/03/20 12:32 p.m., 2 views

Uncontrolled Recursion

Overview llama-index-readers-web is a llama-index readers web integration Affected versions of this package are vulnerable to Uncontrolled Recursion via the KnowledgeBaseWebReader class's get_article_urls function. An attacker can trigger a crash by supplying a URL to an object containing an href...

CVSS 5.9 | AI score 7 | EPSS 0.0064
Exploits: 1 | References: 2

OSV
added 2025/03/16 6:30 a.m., 9 views

GHSA-PWF9-Q62P-V7WC Wire has Uncontrolled Recursion on Nested Groups

Square Wire before 5.2.0 does not enforce a recursion limit on nested groups in ByteArrayProtoReader32.kt and ProtoReader.kt...

CVSS 5.8 | AI score 5.6 | EPSS 0.00415
Exploits: 0 | References: 4

Snyk
added 2025/03/16 4:41 a.m., 5 views

Uncontrolled Recursion

Overview Affected versions of this package are vulnerable to Uncontrolled Recursion due to improper enforcement of recursion limits in ByteArrayProtoReader32.kt and ProtoReader.kt. An attacker can cause a denial of service by sending deeply nested group structures. Remediation Upgrade...

CVSS 6.9 | AI score 6.8 | EPSS 0.00415
Exploits: 0 | References: 2

BDU FSTEC
added 2025/03/12 12:0 a.m., 5 views

The vulnerability of the sqfs_size function in the U-Boot loader allows a hacker to execute arbitrary code.

The vulnerability of the sqfs_size function in the U-Boot loader is related to an uncontrolled recursion. Exploiting this vulnerability could allow a hacker to execute arbitrary code...

CVSS 2 | AI score 7.1 | EPSS 0.0031
Exploits: 0 | References: 6 | Affected Software: 1

OSV
added 2025/03/07 8:2 p.m., 4 views

GHSA-2GH3-RMM4-6RQ5 Crash due to uncontrolled recursion in protobuf crate

Affected version of this crate did not properly parse unknown fields when parsing a user-supplied input. This allows an attacker to cause a stack overflow when parsing the message on untrusted data...

CVSS 8.7 | AI score 5.9 | EPSS 0.0038
Exploits: 0 | References: 5

Github Security Blog
added 2025/03/07 8:2 p.m., 10 views

Crash due to uncontrolled recursion in protobuf crate

Affected version of this crate did not properly parse unknown fields when parsing a user-supplied input. This allows an attacker to cause a stack overflow when parsing the message on untrusted data...

CVSS 5.9 | AI score 7.4 | EPSS 0.0038
Exploits: 0 | References: 5 | Affected Software: 1

Positive Technologies
added 2025/03/07 12:0 a.m., 7 views

PT-2025-28031 · Protobuf +1

Name of the Vulnerable Software and Affected Versions: protobuf crate for Rust versions prior to 3.7.2 Description: The issue allows uncontrolled recursion in the protobuf::coded_input_stream::CodedInputStream::skip_group function when parsing unknown fields in untrusted input. This can occur due...

CVSS 8.7 | AI score 6.3 | EPSS 0.0038
Exploits: 0 | References: 21