16 matches found

CNNVD
added 2026/04/21 12:0 a.m. · 5 views

nest security vulnerability

Nest is a Node.js framework developed by NestJS, designed for building efficient, scalable, and enterprise-level server-side applications using TypeScript/JavaScript. Versions of Nest prior to 11.1.19 contained a security vulnerability. This vulnerability stemmed from the recursive invocation of...

7.5 CVSS · 5.9 AI score · 0.00061 EPSS
Exploits 0 · References 1
OSV
added 2026/03/06 11:37 a.m. · 2 views

SUSE-SU-2026:20657-1 Security update for libxslt, libxml2

This update for libxslt, libxml2 fixes the following issues: libxml2: - CVE-2026-0990: call stack overflow leading to application crash due to infinite recursion in xmlCatalogXMLResolveURI bsc1256807, bsc1256811 - CVE-2026-0992: excessive resource consumption when processing XML catalogs due to...

6.2 CVSS · 6.2 AI score · 0.00088 EPSS
Exploits 0 · References 21
NVD
added 2026/01/22 3:15 a.m. · 2 views

CVE-2026-24006

Seroval facilitates JS value stringification, including complex structures beyond JSON.stringify capabilities. In versions 1.4.0 and below, serialization of objects with extreme depth can exceed the maximum call stack limit. In version 1.4.1, Seroval introduces a depthLimit parameter in...

7.5 CVSS · 0.00041 EPSS
Exploits 0 · References 2
UbuntuCve
added 2026/01/20 9:16 p.m. · 1 views

CVE-2025-59466

We have identified a bug in Node.js error handling where "Maximum call stack size exceeded" errors become uncatchable when async_hooks.createHook() is enabled. Instead of reaching process.on('uncaughtException'), the process terminates, making the crash unrecoverable. Applications that rely on...

7.5 CVSS · 7 AI score · 0.0003 EPSS
Exploits 0 · References 2
RedhatCVE
added 2026/01/09 9:12 a.m. · 4 views

CVE-2022-0903

A call stack overflow bug in the SAML login feature in Mattermost server in versions up to and including 6.3.2 allows an attacker to crash the server via submitting a maliciously crafted POST body...

7.5 CVSS · 7.1 AI score · 0.00262 EPSS
Exploits 0 · References 1
Hacker One
added 2025/12/08 6:22 a.m. · 5 views

Node.js: Uncatchable "Maximum call stack size exceeded" error on Node.js via async_hooks leads to process crashes bypassing error handlers

A vulnerability was identified in Node.js error handling where "Maximum call stack size exceeded" errors became uncatchable when async_hooks.createHook() was enabled. Instead of reaching process.on('uncaughtException'), the process terminated, making the crash unrecoverable...

7.5 CVSS · 5.5 AI score · 0.0003 EPSS
Exploits 0
OSV
added 2024/03/06 11:4 a.m. · 12 views

BIT-MATTERMOST-2022-0903

A call stack overflow bug in the SAML login feature in Mattermost server in versions up to and including 6.3.2 allows an attacker to crash the server via submitting a maliciously crafted POST body...

7.5 CVSS · 6.2 AI score · 0.00262 EPSS
Exploits 0 · References 2
OSV
added 2022/03/10 5:45 p.m. · 10 views

CVE-2022-0903

A call stack overflow bug in the SAML login feature in Mattermost server in versions up to and including 6.3.2 allows an attacker to crash the server via submitting a maliciously crafted POST body...

7.5 CVSS · 7.2 AI score
Exploits 0 · References 1
NVD
added 2022/03/10 5:45 p.m. · 10 views

CVE-2022-0903

A call stack overflow bug in the SAML login feature in Mattermost server in versions up to and including 6.3.2 allows an attacker to crash the server via submitting a maliciously crafted POST body...

7.5 CVSS · 0.00262 EPSS
Exploits 0 · References 1
CVE
added 2022/03/09 3:17 p.m. · 80 views

CVE-2022-0903

CVE-2022-0903 describes a call stack overflow bug in Mattermost Server’s SAML login feature. In versions up to and including 6.3.2, a maliciously crafted POST body can trigger a stack overflow, causing the server to crash (Denial of Service). Affected: Mattermost Server, SAML login handler; Impac...

7.5 CVSS · 6.2 AI score · 0.00262 EPSS
Exploits 0 · References 1 · Affected Software 1
Positive Technologies
added 2022/03/09 12:0 a.m. · 2 views

PT-2022-13515 · Mattermost · Mattermost Server

Name of the Vulnerable Software and Affected Versions: Mattermost server versions up to and including 6.3.2 Description: A call stack overflow bug in the SAML login feature allows an attacker to crash the server by submitting a maliciously crafted POST body to the login endpoint. Recommendations:...

7.5 CVSS · 7.6 AI score · 0.00262 EPSS
Exploits 0 · References 5
Tenable Nessus
added 2019/07/29 12:0 a.m. · 42 views

VxWorks 6.9.x < 6.9.4.12 / 7 (SR540) / 7 (SR610) Multiple Vulnerabilities (URGENT/11)

Binary data 701083.prm...

9.8 CVSS · 7.8 AI score · 0.25726 EPSS
Exploits 2 · References 12
OpenVAS
added 2011/03/07 12:0 a.m. · 26 views

Debian: Security Advisory (DSA-2149-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

2.1 CVSS · 6.4 AI score · 0.00099 EPSS
Exploits 1 · References 3
OpenVAS
added 2011/03/07 12:0 a.m. · 19 views

Debian Security Advisory DSA 2149-1 (dbus)

The remote host is missing an update to dbus announced via advisory DSA 2149-1. OpenVAS Vulnerability Test $Id: deb21491.nasl 6613 2017-07-07 12:08:40Z cfischer $ Description: Auto-generated from advisory DSA 2149-1 dbus Authors: Thomas Reinke Copyright: Copyright c 2011 E-Soft Inc...

2.1 CVSS · 0.3 AI score · 0.00099 EPSS
Exploits 1
Tenable Nessus
added 2011/01/21 12:0 a.m. · 30 views

Debian DSA-2149-1 : dbus - denial of service

Remi Denis-Courmont discovered that dbus, a message bus application, is not properly limiting the nesting level when examining messages with extensive nested variants. This allows an attacker to crash the dbus system daemon due to a call stack overflow via crafted messages. %NASLMINLEVEL 70300 C...

2.1 CVSS · 5.4 AI score · 0.00099 EPSS
Exploits 1 · References 2
Debian
added 2011/01/20 4:6 p.m. · 18 views

[SECURITY] [DSA 2149-1] Security update for dbus

--------------------------------------------------------------------------- Debian Security Advisory DSA-2149-1 [email protected] http://www.debian.org/security/ Nico Golde January 20, 2011 http://www.debian.org/security/faq -...

2.1 CVSS · 6.3 AI score · 0.00099 EPSS
Exploits 1