Lucene search
K

12 matches found

RedHat Linux
RedHat Linux
added 2026/05/20 8:47 p.m.11 views

org.apache.neethi: Apache Neethi: Denial of Service via circular policy references

A flaw was found in Apache Neethi. An attacker can exploit this vulnerability by crafting malicious WS-Policy documents that contain circular policy references. This can cause the policy normalization process to enter an infinite loop or excessive recursion, leading to a stack overflow or...

7.5CVSS5.8AI score0.00763EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/05/13 6:55 p.m.13 views

CVE-2026-42403

A flaw was found in Apache Neethi. An attacker can exploit this vulnerability by crafting malicious WS-Policy documents that contain circular policy references. This can cause the policy normalization process to enter an infinite loop or excessive recursion, leading to a stack overflow or...

7.5CVSS5.7AI score0.00763EPSS
Exploits0References4
Veracode
Veracode
added 2026/05/07 8:31 a.m.17 views

Denial Of Service

Apache Neethi is vulnerable to Denial of Service.The vulnerability is due to improper handling of circular references during policy normalization, where recursive policy references are not detected, leading to infinite loops or excessive recursion that can cause stack overflow or application hang...

7.5CVSS5.9AI score0.00763EPSS
Exploits0References3Affected Software1
Snyk
Snyk
added 2026/05/01 11:24 a.m.6 views

Infinite loop

Overview Affected versions of this package are vulnerable to Infinite loop when processing circular policy references. An attacker can cause denial of service by submitting malicious policy documents containing circular references. Remediation Upgrade org.apache.neethi:neethi to version 3.2.2 or...

8.7CVSS5.8AI score0.00763EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/05/01 9:30 a.m.11 views

Apache Neethi does not properly detect circular references in policy definitions.

Apache Neethi does not properly detect circular references in policy definitions. When a WS-Policy document contains circular policy references where Policy A references Policy B which references Policy A, the policy normalization process can enter an infinite loop or cause excessive recursion,...

7.5CVSS5.8AI score0.00763EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/05/01 9:30 a.m.5 views

GHSA-2HFH-9H53-QC24 Apache Neethi does not properly detect circular references in policy definitions.

Apache Neethi does not properly detect circular references in policy definitions. When a WS-Policy document contains circular policy references where Policy A references Policy B which references Policy A, the policy normalization process can enter an infinite loop or cause excessive recursion,...

7.5CVSS5.8AI score0.00763EPSS
Exploits0References4
NVD
NVD
added 2026/05/01 9:16 a.m.5 views

CVE-2026-42403

Apache Neethi does not properly detect circular references in policy definitions. When a WS-Policy document contains circular policy references where Policy A references Policy B which references Policy A, the policy normalization process can enter an infinite loop or cause excessive recursion,...

7.5CVSS0.00763EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/01 8:38 a.m.5 views

EUVD-2026-26486

Apache Neethi does not properly detect circular references in policy definitions. When a WS-Policy document contains circular policy references where Policy A references Policy B which references Policy A, the policy normalization process can enter an infinite loop or cause excessive recursion,...

7.5CVSS5.8AI score0.00763EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/01 8:38 a.m.6 views

CVE-2026-42403

Apache Neethi does not properly detect circular references in policy definitions. When a WS-Policy document contains circular policy references where Policy A references Policy B which references Policy A, the policy normalization process can enter an infinite loop or cause excessive recursion,...

7.5CVSS5.8AI score0.00763EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/01 8:38 a.m.4 views

CVE-2026-42403 Apache Neethi: Circular Policy Reference Infinite Loop

Apache Neethi does not properly detect circular references in policy definitions. When a WS-Policy document contains circular policy references where Policy A references Policy B which references Policy A, the policy normalization process can enter an infinite loop or cause excessive recursion,...

7.5CVSS5.8AI score0.00763EPSS
Exploits0References1
CVE
CVE
added 2026/05/01 8:38 a.m.88 views

CVE-2026-42403

Apache Neethi (CVE-2026-42403) can fail to detect circular WS-Policy references during policy normalization, causing infinite recursion or an infinite loop that may lead to stack overflow or application hang. An attacker can craft policy documents with circular references, resulting in Denial of ...

7.5CVSS5.8AI score0.00763EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2026/05/01 12:0 a.m.12 views

Apache Neethi 资源管理错误漏洞

Apache Neethi is a policy processing framework library developed by the Apache Foundation. There is a resource management vulnerability in Apache Neethi; this vulnerability stems from an improper detection of circular references in policy definitions. This can cause the policy normalization proce...

7.5CVSS5.9AI score0.00763EPSS
Exploits0References1
Rows per page
Query Builder