CVE-2025-68134 EVerest's use of assert functions can potentially lead to denial of service

EVerest is an EV charging software stack. Prior to version 2025.10.0, the use of the assert function to handle errors frequently causes the module to crash. This is particularly critical because the manager shuts down all other modules and exits when any one of them terminates, leading to a denia...

EUVD-2025-206324

EVerest is an EV charging software stack. Prior to version 2025.10.0, the use of the assert function to handle errors frequently causes the module to crash. This is particularly critical because the manager shuts down all other modules and exits when any one of them terminates, leading to a denia...

CVE-2025-68134 EVerest's use of assert functions can potentially lead to denial of service

EVerest is an EV charging software stack. Prior to version 2025.10.0, the use of the assert function to handle errors frequently causes the module to crash. This is particularly critical because the manager shuts down all other modules and exits when any one of them terminates, leading to a denia...

Everest-Core: Input validation vulnerability

Everest-core is a major component of the open-source electric vehicle charging software stack developed by EVerest. Versions of everest-core prior to 2025.10.0 contained a vulnerability related to input validation errors. This vulnerability stemmed from the use of the assert function to handle...

ROS-20260114-7329

A vulnerability in the ovlencoderealfh fs/overlayfs/copyup.c and showmarkfhandle fs/notify/fdinfo.c functions of the Linux operating system kernel is related to a flaw in the use of assert. Exploitation of the vulnerability allows an attacker to cause a denial of service...

CVE-2018-4474

A memory consumption issue was addressed with improved memory handling. This issue is fixed in iCloud for Windows 7.7, watchOS 5, Safari 12, iOS 12, iTunes 12.9 for Windows, tvOS 12. Unexpected interaction causes an ASSERT failure...

CVE-2019-18844

The Device Model in ACRN before 2019w25.5-140000p relies on assert calls in devicemodel/hw/pci/core.c and devicemodel/include/pcicore.h instead of other mechanisms for propagating error information or diagnostic information, which might allow attackers to cause a denial of service assertion failu...

AZL-73529 CVE-2025-69227 affecting package python-aiohttp 3.6.2-3

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow for an infinite loop to occur when assert statements are bypassed, resulting in a DoS attack when processing a POST body. If optimizations are enabled -O or PYTHONOPTIMIZE=1, and the...

DEBIAN-CVE-2025-69227

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow for an infinite loop to occur when assert statements are bypassed, resulting in a DoS attack when processing a POST body. If optimizations are enabled -O or PYTHONOPTIMIZE=1, and the...

CVE-2025-69227

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow for an infinite loop to occur when assert statements are bypassed, resulting in a DoS attack when processing a POST body. If optimizations are enabled -O or PYTHONOPTIMIZE=1, and the...

CVE-2025-69227

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow for an infinite loop to occur when assert statements are bypassed, resulting in a DoS attack when processing a POST body. If optimizations are enabled -O or PYTHONOPTIMIZE=1, and the...

CVE-2025-69227

CVE-2025-69227 affects AIOHTTP (async HTTP client/server for asyncio) with vulnerable versions 3.13.2 and earlier. The issue is an infinite loop that can trigger a DoS when assert statements are bypassed during POST body processing; if optimizations are enabled (-O or PYTHONOPTIMIZE=1) and a hand...

CVE-2025-69227

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow for an infinite loop to occur when assert statements are bypassed, resulting in a DoS attack when processing a POST body. If optimizations are enabled -O or PYTHONOPTIMIZE=1, and the...

EUVD-2026-1045

AIOHTTP vulnerable to DoS when bypassing asserts...

AIOHTTP vulnerable to DoS when bypassing asserts

Summary When assert statements are bypassed, an infinite loop can occur, resulting in a DoS attack when processing a POST body. Impact If optimisations are enabled -O or PYTHONOPTIMIZE=1, and the application includes a handler that uses the Request.post method, then an attacker may be able to...

CVE-2025-48768

Release of Invalid Pointer or Reference vulnerability was discovered in fs/inode/fsinoderemove code of the Apache NuttX RTOS that allowed root filesystem inode removal leading to a debug assert trigger that is disabled by default, NULL pointer dereference handled differently depending on the targ...

CVE-2025-48768

Release of Invalid Pointer or Reference vulnerability was discovered in fs/inode/fsinoderemove code of the Apache NuttX RTOS that allowed root filesystem inode removal leading to a debug assert trigger that is disabled by default, NULL pointer dereference handled differently depending on the targ...

SUSE CVE-2023-54080

In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: skip splitting and logical rewriting on pre-alloc write When doing a relocation, there is a chance that at the time of btrfsrelocclonecsums, there is no checksum for the corresponding region. In this case,...

EUVD-2025-204942

Malicious code in assert-json-not npm...

MAL-2025-192711 Malicious code in assert-json-not (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ad56c36eacf8881039723de4379e14983280b611dba15585274909b1a3c1b326 The package assert-json-not was found to contain malicious code...