28 matches found
GHSA-9F5J-8JWJ-X28G python-ecdsa: Denial of Service via improper DER length validation in crafted private keys
Summary An issue in the low-level DER parsing functions can cause unexpected exceptions to be raised from the public API functions. 1. ecdsa.der.removeoctetstring accepts truncated DER where the encoded length exceeds the available buffer. For example, an OCTET STRING that declares a length of 40...
EUVD-2017-14914
Malware in sbrugna...
OSV-2025-467 Security exception in java.base/java.lang.StringUTF16.newBytesFor
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=424839378 Crash type: Security exception Crash state: java.base/java.lang.StringUTF16.newBytesFor java.base/java.lang.AbstractStringBuilder.inflate java.base/java.lang.AbstractStringBuilder.append...
CVE-2025-47944 Multer vulnerable to Denial of Service from maliciously crafted requests
Multer is a node.js middleware for handling multipart/form-data. A vulnerability that is present starting in version 1.4.4-lts.1 and prior to version 2.0.0 allows an attacker to trigger a Denial of Service DoS by sending a malformed multi-part upload request. This request causes an unhandled...
PT-2024-40636 · Git +1 · Checker-Framework
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A security exception crash was reported, involving the org.checkerframework.checker.formatter.util.FormatUtil.formatParameterCategories function, as part...
PT-2024-40589 · Oracle · Java.Base
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A security exception crash was reported, involving methods in java.base, specifically java.util.Arrays.copyOfRange, java.lang.StringUTF16.newString, and...
PT-2024-40582 · Git +1 · Maven-Model
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A security exception crash was reported, involving the java.base/java.util.Arrays.copyOfRange, java.base/java.lang.StringUTF16.newString, and...
PT-2024-40813 · Oracle · Java
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A security exception crash has been reported, involving the com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr and related Java...
PT-2024-40777 · Oracle · Java
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A security exception crash was reported, involving the com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr and...
PT-2024-40747 · Apache · Apache Lucene
Name of the Vulnerable Software and Affected Versions: Apache Lucene affected versions not specified Description: A security exception occurs in the ASCIIFoldingFilter class, specifically in the foldToASCII and incrementToken methods. This issue is related to a crash type of security exception...
PT-2024-40701 · Oracle · Java
Name of the Vulnerable Software and Affected Versions: Java versions affected versions not specified Description: A security exception crash has been reported. The crash occurs in the java.base/java.util.Arrays.copyOf and java.base/java.util.ArrayList.grow functions. Recommendations: At the momen...
PT-2023-35613 · Git +1 · Apache Commons Lang
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A security exception crash was reported, involving the jaz.Zer class with methods reportFinding, reportFindingIfEnabled, and readObject. No information i...
PT-2023-35583 · Apache · Apache Lucene
Name of the Vulnerable Software and Affected Versions: Apache Lucene affected versions not specified Description: A security exception crash has been reported in Apache Lucene. The crash occurs in the org.apache.lucene.util.ArrayUtil.growExact function, which is called by...
PT-2023-35580 · Unknown +1 · Com.Puppycrawl.Tools.Checkstyle +1
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A security exception crash has been reported, involving the com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr and...
PT-2023-36052 · Git +1 · Apache Poi
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A security exception crash was reported, involving the java.base/java.util.Arrays.copyOf, java.base/java.lang.AbstractStringBuilder.ensureCapacityInterna...
PT-2023-36039 · Oracle · Java
Name of the Vulnerable Software and Affected Versions: Java affected versions not specified Description: A security exception crash has been reported. The crash involves the com.github.javaparser.GeneratedJavaParser.Expression and specific methods within java.base/sun.nio.cs.CESU 8$Encoder,...
PT-2023-35994 · Apache · Apache Lucene
Name of the Vulnerable Software and Affected Versions: Apache Lucene affected versions not specified Description: A security exception crash has been reported. The crash involves the org.apache.lucene.util.BytesRefBuilder constructor, and the clone methods of...
PT-2023-35988 · Unknown · Javaparser
Name of the Vulnerable Software and Affected Versions: JavaParser affected versions not specified Description: A security exception crash has been reported. The crash involves the insertComments function in com.github.javaparser.CommentsInserter, and the equals method in java.base/java.util.Objec...
PT-2023-35926 · Oracle · Java
Name of the Vulnerable Software and Affected Versions: Java affected versions not specified Description: The issue is related to a security exception in the Java java.util.regex package, specifically in the Pattern$GroupTail.match function. The crash occurs when the BufferedWriter attempts to wri...
PT-2023-35896 · Unknown · Javaparser
Name of the Vulnerable Software and Affected Versions: JavaParser affected versions not specified Description: The issue is related to a security exception in the JavaParser library. A crash occurs due to a security exception, with the crash state involving the TreeVisitorValidator.accept and...