UBUNTU-CVE-2025-59466

We have identified a bug in Node.js error handling where "Maximum call stack size exceeded" errors become uncatchable when asynchooks.createHook is enabled. Instead of reaching process.on'uncaughtException', the process terminates, making the crash unrecoverable. Applications that rely on...

CVE-2025-59466

We have identified a bug in Node.js error handling where "Maximum call stack size exceeded" errors become uncatchable when asynchooks.createHook is enabled. Instead of reaching process.on'uncaughtException', the process terminates, making the crash unrecoverable. Applications that rely on...

CVE-2025-59466

We have identified a bug in Node.js error handling where "Maximum call stack size exceeded" errors become uncatchable when asynchooks.createHook is enabled. Instead of reaching process.on'uncaughtException', the process terminates, making the crash unrecoverable. Applications that rely on...

CVE-2025-59466

We have identified a bug in Node.js error handling where "Maximum call stack size exceeded" errors become uncatchable when asynchooks.createHook is enabled. Instead of reaching process.on'uncaughtException', the process terminates, making the crash unrecoverable. Applications that rely on...

Linux Distros Unpatched Vulnerability : CVE-2025-59466

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - We have identified a bug in Node.js error handling where Maximum call stack size exceeded errors become uncatchable when asynchooks.createHook is enabled. Inste...

Reliance on Undefined, Unspecified, or Implementation-Defined Behavior

Overview Affected versions of this package are vulnerable to Reliance on Undefined, Unspecified, or Implementation-Defined Behavior due to a flaw in error handling when asynchooks or AsyncLocalStorage is enabled. Normally, a "Maximum call stack size exceeded" error stack overflow is catchable by...

CVE-2025-59789 Apache bRPC: Stack Exhaustion via Unbounded Recursion in JSON Parser

Uncontrolled recursion in the json2pb component in Apache bRPC version 1.15.0 on all platforms allows remote attackers to make the server crash via sending deep recursive json data. Root Cause: The bRPC json2pb component uses rapidjson to parse json data from the network. The rapidjson parser use...

node-forge 安全漏洞

node-forge is a software application. A WebJar for node-forge. A security vulnerability exists in node-forge 1.3.1 and earlier versions, which stems from uncontrolled recursion and could lead to a denial of service triggered by a remote, unauthenticated attacker via a deep ASN.1 structure...

EUVD-2025-25708

Malicious code in bioql PyPI...

CVE-2025-43718

Poppler 24.06.1 through 25.x before 25.04.0 allows stack consumption and a SIGSEGV via deeply nested structures within the metadata such as GTSPDFEVersion of a PDF document, e.g., a regular expression for a long pdfsubver string. This occurs in Dict::lookup, Catalog::getMetadata, and associated...

CVE-2025-43718

Poppler 24.06.1 through 25.x before 25.04.0 allows stack consumption and a SIGSEGV via deeply nested structures within the metadata such as GTSPDFEVersion of a PDF document, e.g., a regular expression for a long pdfsubver string. This occurs in Dict::lookup, Catalog::getMetadata, and associated...

CVE-2025-43718

Poppler 24.06.1 through 25.x before 25.04.0 allows stack consumption and a SIGSEGV via deeply nested structures within the metadata such as GTSPDFEVersion of a PDF document, e.g., a regular expression for a long pdfsubver string. This occurs in Dict::lookup, Catalog::getMetadata, and associated...

CVE-2025-43718

Poppler 24.06.1 through 25.x before 25.04.0 allows stack consumption and a SIGSEGV via deeply nested structures within the metadata such as GTSPDFEVersion of a PDF document, e.g., a regular expression for a long pdfsubver string. This occurs in Dict::lookup, Catalog::getMetadata, and associated...

CVE-2025-43718

Poppler 24.06.1 through 25.x before 25.04.0 allows stack consumption and a SIGSEGV via deeply nested structures within the metadata such as GTSPDFEVersion of a PDF document, e.g., a regular expression for a long pdfsubver string. This occurs in Dict::lookup, Catalog::getMetadata, and associated...

Linux Distros Unpatched Vulnerability : CVE-2022-42321

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Xenstore: Guests can crash xenstored via exhausting the stack Xenstored is using recursion for some Xenstore operations e.g. for deleting a sub-tree of Xenstore...

CVE-2025-5302

The CVE-2025-5302 affects the JSONReader in run-llama/llama_index v0.12.37, where unconstrained recursion on deeply nested JSON can exhaust Python recursion depth, causing high CPU/memory use and potential DoS. The issue is resolved in v0.12.38. Remediation: upgrade llama_index to 0.12.38 or late...

CVE-2024-38443

C/sorting/binaryinsertionsort.c in The Algorithms - C through e5dad3f has a segmentation fault for deep recursion, which may affect common use cases such as sorting an array of 50 elements...

CVE-2024-27454

orjson.loads in orjson before 3.9.15 does not limit recursion for deeply nested JSON documents...

PT-2024-28005 · Unknown · The Algorithms

Name of the Vulnerable Software and Affected Versions: The Algorithms - C versions through e5dad3f Description: The issue is related to a segmentation fault caused by deep recursion in the binary insertion sort.c file. This may impact common use cases, such as sorting an array of 50 elements...

RHEL 7 : screen (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - screen: Stack overflow due to deep recursion causing process freeze CVE-2015-6806 Note that Nessus has not tested f...