Uncontrolled Recursion

Overview org.apache.commons:commons-configuration2 is a group of tools to assist in the reading of configuration/preferences files in various formats. Affected versions of this package are vulnerable to Uncontrolled Recursion when processing untrusted YAML configuration files containing cyclic...

Allocation of Resources Without Limits or Throttling

Overview next is a react framework. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the createMap, createSet, and extractIterator functions in packages/react-server/src/ReactFlightReplyServer.js. An attacker can crash the server by...

EUVD-2026-17757

The application does not detect or guard against cyclic PDF object references while handling JavaScript in PDF. When pages and annotations are crafted that reference each other in a loop, passing the document to APIs e.g., SOAP that perform deep traversal can cause uncontrolled recursion, stack...

CVE-2026-3778 Stack exhaustion caused by cyclic references in Foxit PDF Editor/Reader

The application does not detect or guard against cyclic PDF object references while handling JavaScript in PDF. When pages and annotations are crafted that reference each other in a loop, passing the document to APIs e.g., SOAP that perform deep traversal can cause uncontrolled recursion, stack...

CVE-2026-3778

CVE-2026-3778 affects Foxit PDF Editor/Reader (Foxit Reader) across platforms as described in connected records. The root cause is cyclic PDF object references created by pages and annotations referencing each other in a loop, which, when the document is processed by APIs that perform deep traver...

CVE-2026-3778 Stack exhaustion caused by cyclic references in Foxit PDF Editor/Reader

The application does not detect or guard against cyclic PDF object references while handling JavaScript in PDF. When pages and annotations are crafted that reference each other in a loop, passing the document to APIs e.g., SOAP that perform deep traversal can cause uncontrolled recursion, stack...

PT-2026-29438

The application does not detect or guard against cyclic PDF object references while handling JavaScript in PDF. When pages and annotations are crafted that reference each other in a loop, passing the document to APIs e.g., SOAP that perform deep traversal can cause uncontrolled recursion, stack...

EUVD-2024-48003

Malicious code in bioql PyPI...

EUVD-2022-4321

Malicious code in bioql PyPI...

CVE-2025-46206

A PDF parsing flaw was found in mupdf. If an attacker convinces a user to open a malformed PDF file locally, they may induce an infinite loop. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprisi...

DEBIAN-CVE-2025-46206

An issue in Artifex mupdf 1.25.6, 1.25.5 allows a remote attacker to cause a denial of service via an infinite recursion in the mutool clean utility. When processing a crafted PDF file containing cyclic /Next references in the outline structure, the stripoutline function enters infinite recursion...

CVE-2025-46206

An issue in Artifex mupdf 1.25.6, 1.25.5 allows a remote attacker to cause a denial of service via an infinite recursion in the mutool clean utility. When processing a crafted PDF file containing cyclic /Next references in the outline structure, the stripoutline function enters infinite recursion...

CVE-2025-46206

An issue in Artifex mupdf 1.25.6, 1.25.5 allows a remote attacker to cause a denial of service via an infinite recursion in the mutool clean utility. When processing a crafted PDF file containing cyclic /Next references in the outline structure, the stripoutline function enters infinite recursion...

CVE-2024-6324

An issue was discovered in GitLab CE/EE affecting all versions starting from 15.7 prior to 17.5.5, starting from 17.6 prior to 17.6.3, and starting from 17.7 prior to 17.7.1. It was possible to trigger a DoS by creating cyclic references between epics...

Linux Distros Unpatched Vulnerability : CVE-2015-7558

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - librsvg before 2.40.12 allows context-dependent attackers to cause a denial of service infinite loop, stack consumption, and application crash via cyclic...

BIT-GITLAB-2024-6324 Inefficient Algorithmic Complexity in GitLab

An issue was discovered in GitLab CE/EE affecting all versions starting from 15.7 prior to 17.5.5, starting from 17.6 prior to 17.6.3, and starting from 17.7 prior to 17.7.1. It was possible to trigger a DoS by creating cyclic references between epics...

CVE-2024-6324

An issue was discovered in GitLab CE/EE affecting all versions starting from 15.7 prior to 17.5.5, starting from 17.6 prior to 17.6.3, and starting from 17.7 prior to 17.7.1. It was possible to trigger a DoS by creating cyclic references between epics...

UBUNTU-CVE-2024-6324

An issue was discovered in GitLab CE/EE affecting all versions starting from 15.7 prior to 17.5.5, starting from 17.6 prior to 17.6.3, and starting from 17.7 prior to 17.7.1. It was possible to trigger a DoS by creating cyclic references between epics...

CVE-2024-6324 Inefficient Algorithmic Complexity in GitLab

An issue was discovered in GitLab CE/EE affecting all versions starting from 15.7 prior to 17.5.5, starting from 17.6 prior to 17.6.3, and starting from 17.7 prior to 17.7.1. It was possible to trigger a DoS by creating cyclic references between epics...

CVE-2024-6324 Inefficient Algorithmic Complexity in GitLab

An issue was discovered in GitLab CE/EE affecting all versions starting from 15.7 prior to 17.5.5, starting from 17.6 prior to 17.6.3, and starting from 17.7 prior to 17.7.1. It was possible to trigger a DoS by creating cyclic references between epics...