Lucene search
K

36 matches found

Cvelist
Cvelist
added 2026/06/25 5:22 p.m.35 views

CVE-2026-47770 jq: stack overflow in deep structural equality

jq is a command-line JSON processor. Prior to 1.8.2, comparing two sufficiently deeply nested arrays with the == operator exhausts the C stack on jq's ordinary command-line surface, resulting in denial of service via stack exhaustion uncontrolled recursion. The crash occurs in jq's recursive...

6.8CVSS0.00111EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/06/25 5:22 p.m.5 views

CVE-2026-47770

jq is a command-line JSON processor. Prior to 1.8.2, comparing two sufficiently deeply nested arrays with the == operator exhausts the C stack on jq's ordinary command-line surface, resulting in denial of service via stack exhaustion uncontrolled recursion. The crash occurs in jq's recursive...

6.8CVSS5.9AI score0.00111EPSS
Exploits1References2Affected Software1
RedHat Linux
RedHat Linux
added 2026/06/22 6:28 p.m.7 views

dotnet: ASP.NET Core: Denial of Service via uncontrolled resource consumption

A flaw was found in ASP.NET Core SignalR and Blazor Server. A remote attacker could send a specially crafted MessagePack payload containing deeply nested arrays that trigger excessive recursion and cause a stack overflow. This issue may result in application termination and a denial of service...

7.5CVSS5.9AI score0.0243EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/22 5:32 p.m.5 views

dotnet: ASP.NET Core: Denial of Service via uncontrolled resource consumption

A flaw was found in ASP.NET Core SignalR and Blazor Server. A remote attacker could send a specially crafted MessagePack payload containing deeply nested arrays that trigger excessive recursion and cause a stack overflow. This issue may result in application termination and a denial of service...

7.5CVSS5.9AI score0.0243EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Jackson-Databind

In FasterXML Jackson-Databind before version 2.13.4, resource exhaustion can occur due to the lack of a check in BeanDeserializer.deserializeFromArray, which prevents the use of deeply nested arrays. An application becomes vulnerable only with certain customized choices for deserialization...

7.5CVSS6.4AI score0.02656EPSS
Exploits1References1
OSV
OSV
added 2026/06/11 10:16 p.m.4 views

UBUNTU-CVE-2026-44250

Netty is a network application framework for development of protocol servers and clients. In netty-codec-redis prior to versions 4.1.135.Final and 4.2.15.Final, an attacker can cause DoS by sending a crafted Redis payload with deeply nested arrays. This forces the server to allocate a massive...

7.5CVSS5.3AI score0.00371EPSS
Exploits0References5
OSV
OSV
added 2026/06/08 7:1 p.m.7 views

GHSA-3244-J874-RHC2 Netty: Memory Exhaustion in RedisArrayAggregator due to Deeply Nested Arrays

Summary An attacker can cause DoS by sending a crafted Redis payload with deeply nested arrays. This forces the server to allocate a massive number of state objects and collections, leading to memory exhaustion and an OutOfMemoryError. Details io.netty.handler.codec.redis.RedisArrayAggregator...

7.5CVSS5.5AI score0.00371EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/02/24 12:8 a.m.5 views

jackson-databind: use of deeply nested arrays

A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer.deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices...

7.5CVSS6.8AI score0.02656EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2025/02/24 12:8 a.m.7 views

jackson-databind: use of deeply nested arrays

A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer.deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices...

7.5CVSS6.8AI score0.02656EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/02/24 12:0 a.m.30 views

RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.3.12 (RHSA-2025:1747)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:1747 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...

10CVSS8.9AI score0.99999EPSS
Exploits407References35
RedHat Linux
RedHat Linux
added 2023/06/19 10:15 a.m.4 views

jackson-databind: use of deeply nested arrays

A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer.deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices...

7.5CVSS6.8AI score0.02656EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2023/05/18 9:54 a.m.6 views

jackson-databind: use of deeply nested arrays

A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer.deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices...

7.5CVSS6.8AI score0.02656EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2023/05/04 3:59 p.m.5 views

jackson-databind: use of deeply nested arrays

A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer.deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices...

7.5CVSS6.8AI score0.02656EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2023/05/03 3:54 p.m.4 views

jackson-databind: use of deeply nested arrays

A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer.deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices...

7.5CVSS6.8AI score0.02656EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2023/05/03 2:5 p.m.5 views

jackson-databind: use of deeply nested arrays

A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer.deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices...

7.5CVSS6.8AI score0.02656EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2023/03/08 2:54 p.m.4 views

jackson-databind: use of deeply nested arrays

A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer.deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices...

7.5CVSS6.8AI score0.02656EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2023/03/06 9:1 a.m.5 views

jackson-databind: use of deeply nested arrays

A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer.deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices...

7.5CVSS6.8AI score0.02656EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2023/03/01 10:2 p.m.8 views

jackson-databind: use of deeply nested arrays

A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer.deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices...

7.5CVSS6.8AI score0.02656EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2023/03/01 9:45 p.m.10 views

jackson-databind: use of deeply nested arrays

A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer.deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices...

7.5CVSS6.8AI score0.02656EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2023/03/01 9:45 p.m.8 views

jackson-databind: use of deeply nested arrays

A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer.deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices...

7.5CVSS6.8AI score0.02656EPSS
Exploits1References4
Rows per page
Query Builder