1134 matches found

Tenable Nessus
added 2025/03/05 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2022-30632

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Uncontrolled recursion in Glob in path/filepath before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path containin...

CVSS 7.5 | AI score 6.8 | EPSS 0.01618
Exploits: 0 | References: 3

Tenable Nessus
added 2025/03/05 12:0 a.m. | 9 views

Linux Distros Unpatched Vulnerability : CVE-2022-30633

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Uncontrolled recursion in Unmarshal in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via unmarshallin...

CVSS 7.5 | AI score 6.7 | EPSS 0.01618
Exploits: 0 | References: 3

Snyk
added 2025/03/01 6:38 a.m. | 4 views

Uncontrolled Recursion

Overview: Affected versions of this package are vulnerable to Uncontrolled Recursion due to a missing maximum tree depth check in emitter functions. Remediation: Upgrade rapidyaml to version 0.7.0 or higher. References: GitHub Commit, GitHub PR...

CVSS 6.9 | AI score 6.8
Exploits: 0 | References: 3

GitHub Security Blog
added 2025/02/06 6:31 a.m. | 91 views

Netplex Json-smart Uncontrolled Recursion vulnerability

A security issue was found in Netplex Json-smart 2.5.0 through 2.5.1. When loading a specially crafted JSON input, containing a large number of ’’, a stack exhaustion can be triggered, which could allow an attacker to cause a Denial of Service (DoS). This issue exists because of an incomplete fix for...

CVSS 7.5 | AI score 7.6 | EPSS 0.00542
Exploits: 0 | References: 8 | Affected Software: 1

BDU FSTEC
added 2025/02/03 12:0 a.m. | 6 views

The vulnerability of the sqlparse.parse() function in the SQL parser module for Python, Sqlparse, allows a hacker to cause a service failure.

The vulnerability of the sqlparse.parse function in the SQL parser module for Python, Sqlparse, is related to an uncontrolled recursion during the processing of deeply nested lists. Exploiting this vulnerability could allow a malicious actor to cause service failures...

CVSS 7.8 | AI score 7.3 | EPSS 0.0321
Exploits: 0 | References: 10 | Affected Software: 12

Vulnrichment
added 2024/12/19 6:43 p.m. | 6 views

CVE-2024-56200 Uncontrolled Recursion and Asymmetric Resource Consumption in Altair media/file proxy

Altair is a fork of Misskey v12. In affected versions, a lack of request validation and a lack of authentication in the image proxy for compressing and resizing remote files could allow attacks that could affect availability, such as by abnormally increasing the CPU usage of the server on which this...

CVSS 8.6 | AI score 7.2 | EPSS 0.00579
Exploits: 0 | References: 3

Cvelist
added 2024/12/19 6:43 p.m. | 19 views

CVE-2024-56200 Uncontrolled Recursion and Asymmetric Resource Consumption in Altair media/file proxy

Altair is a fork of Misskey v12. In affected versions, a lack of request validation and a lack of authentication in the image proxy for compressing and resizing remote files could allow attacks that could affect availability, such as by abnormally increasing the CPU usage of the server on which this...

CVSS 8.6 | EPSS 0.00579
Exploits: 0 | References: 3

Vulnrichment
added 2024/12/18 7:24 p.m. | 9 views

CVE-2024-49363 Uncontrolled Recursion and Asymmetric Resource Consumption (Amplification) in media/file proxy in Misskey

Misskey is an open source, federated social media platform. In affected versions FileServerService media proxy in github.com/misskey-dev/misskey 2024.10.1 or earlier did not detect proxy loops, which allows remote actors to execute a self-propagating reflected/amplified distributed...

CVSS 7.4 | AI score 7.1 | EPSS 0.00305
Exploits: 0 | References: 1

Cvelist
added 2024/12/18 7:24 p.m. | 18 views

CVE-2024-49363 Uncontrolled Recursion and Asymmetric Resource Consumption (Amplification) in media/file proxy in Misskey

Misskey is an open source, federated social media platform. In affected versions FileServerService media proxy in github.com/misskey-dev/misskey 2024.10.1 or earlier did not detect proxy loops, which allows remote actors to execute a self-propagating reflected/amplified distributed...

CVSS 7.4 | EPSS 0.00305
Exploits: 0 | References: 1

OSV
added 2024/12/12 12:0 p.m. | 0 views

RUSTSEC-2024-0437 Crash due to uncontrolled recursion in protobuf crate

Affected versions of this crate did not properly parse unknown fields when parsing a user-supplied input. This allows an attacker to cause a stack overflow when parsing the message on untrusted data...

CVSS 5.9 | AI score 5.9 | EPSS 0.0038
Exploits: 0 | References: 3

RustSec
added 2024/12/12 12:0 p.m. | 15 views

Crash due to uncontrolled recursion in protobuf crate

Affected versions of this crate did not properly parse unknown fields when parsing a user-supplied input. This allows an attacker to cause a stack overflow when parsing the message on untrusted data...

CVSS 5.9 | AI score 7.4 | EPSS 0.0038
Exploits: 0 | Affected Software: 1

BDU FSTEC
added 2024/10/24 12:0 a.m. | 6 views

The vulnerability of the Next.js software platform for creating web applications, related to uncontrolled recursion, allows attackers to trigger service failures.

The vulnerability of the Next.js web application development software platform is related to uncontrolled recursion. Exploiting this vulnerability could allow a malicious actor to cause service failures...

CVSS 5.9 | AI score 6.7 | EPSS 0.00737
Exploits: 1 | References: 4 | Affected Software: 1

Redos
added 2024/10/02 12:0 a.m. | 32 views

ROS-20241001-10

A vulnerability in the Parse function of the Go programming language is related to uncontrolled recursion. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service. A vulnerability in the Decoder.Decode function of the Go programming language is...

CVSS 7.5 | AI score 7.6 | EPSS 0.01127
Exploits: 0

OSV
added 2024/09/27 11:9 a.m. | 1 views

OESA-2024-2208 squid security update

Squid is a high-performance proxy caching server. It handles all requests in a single, non-blocking, I/O-driven process and keeps meta data and implements negative caching of failed requests. Security Fixes: Squid is a web proxy cache. Starting in version 3.5.27 and prior to version 6.8, Squid ma...

CVSS 8.6 | AI score 6.7 | EPSS 0.65254
Exploits: 0 | References: 2

BDU FSTEC
added 2024/09/17 12:0 a.m. | 4 views

The vulnerability of the H5E_printf_stack() function in the H5Eint.c file of the HDF5 library allows an attacker to disclose protected information.

The vulnerability of the H5E_printf_stack function in the H5Eint.c file of the HDF5 library is related to an uncontrolled recursion. Exploiting this vulnerability could allow a remote attacker to disclose sensitive information that is protected by this function...

CVSS 7.8 | AI score 7.4 | EPSS 0.00796
Exploits: 0 | References: 4 | Affected Software: 3

BDU FSTEC
added 2024/09/17 12:0 a.m. | 4 views

Vulnerability in file H5Eint.c of the HDF5 library, which allows a hacker to cause a service failure

The vulnerability in the H5Eint.c file of the HDF5 library is related to an uncontrolled recursion. Exploiting this vulnerability could allow an attacker to cause a service failure...

CVSS 5.5 | AI score 6.2 | EPSS 0.00666
Exploits: 1 | References: 5 | Affected Software: 3

BDU FSTEC
added 2024/09/13 12:0 a.m. | 3 views

The vulnerability of the Decoder.Decode function in the Go programming language allows a hacker to trigger a service failure.

The vulnerability of the Decoder.Decode function in the Go programming language is related to an uncontrolled recursion. Exploiting this vulnerability could allow a malicious actor, operating remotely, to cause service failures...

CVSS 7.8 | AI score 6.8 | EPSS 0.01127
Exploits: 0 | References: 10 | Affected Software: 5

BDU FSTEC
added 2024/09/13 12:0 a.m. | 3 views

The vulnerability of the Parse function in the Go programming language, which allows a hacker to trigger a service failure

The vulnerability of the Parse function in the Go programming language is related to an uncontrolled recursion. Exploiting this vulnerability could allow a malicious actor, operating remotely, to cause service failures...

CVSS 7.8 | AI score 6.8 | EPSS 0.01037
Exploits: 0 | References: 7 | Affected Software: 3

BDU FSTEC
added 2024/09/13 12:0 a.m. | 4 views

The vulnerability of the Parse function in the Go programming language, which allows a hacker to trigger a service failure

The vulnerability of the Parse function in the Go programming language is related to an uncontrolled recursion. Exploiting this vulnerability could allow a malicious actor, operating remotely, to cause service failures...

CVSS 7.8 | AI score 6.5 | EPSS 0.00832
Exploits: 0 | References: 9 | Affected Software: 3

Snyk
added 2024/09/06 7:15 p.m. | 4 views

Uncontrolled Recursion

Overview: std/go/build/constraint is a Go standard library package. Affected versions of this package are vulnerable to Uncontrolled Recursion. Go Vulnerability Report: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stac...

CVSS 8.7 | AI score 6.6 | EPSS 0.01037
Exploits: 0 | References: 3