16 matches found
CVE-2026-46668 SpiceDB: Caveat structures with nested lists can result in improper cache reuse
SpiceDB is an open source database system for creating and managing security-critical application permissions. From version 1.15.0 to before version 1.52.0, caveat structures with nested lists can result in improper cache reuse. This issue has been patched in version 1.52.0...
CVE-2026-46668 SpiceDB: Caveat structures with nested lists can result in improper cache reuse
SpiceDB is an open source database system for creating and managing security-critical application permissions. From version 1.15.0 to before version 1.52.0, caveat structures with nested lists can result in improper cache reuse. This issue has been patched in version 1.52.0...
CVE-2026-46668
The CVE-2026-46668 issue affects SpiceDB releases earlier than v1.52.0, where caveat structures containing nested lists could cause improper cache reuse. Affected versions range from v1.15.0 up to, but not including, v1.52.0. The root cause centers on how nested caveat data is cached, enabling po...
CVE-2026-42328 go-ipld-prime: DAG-CBOR and DAG-JSON decoders unbounded recursion depth
go-ipld-prime is an implementation of the InterPlanetary Linked Data (IPLD) spec interfaces, batteries-included codec implementations of IPLD for CBOR and JSON, and tooling for basic operations on IPLD objects. Prior to 0.23.0, the DAG-CBOR and DAG-JSON decoders recurse on each nested map or list...
GHSA-MQCF-GQVG-RMHM SpiceDB: Caveat structures with nested lists can result in improper cache reuse
Impact Users are impacted if: - They have a caveat structure with a nested list, e.g.: zed caveat shapex list x == "a", "b" - Their system exercises that caveat with either CheckBulkPermission or else LookupResources running with the --experimental-lookup-resources-version flag set to lr3, implyi...
Pillow security vulnerability
Pillow is an open-source image processing library developed by Pillow. Versions of Pillow from 11.2.1 to 12.2.0 contained security vulnerabilities. These vulnerabilities were caused by the possibility of a heap buffer overflow when nested lists were passed as coordinates to the API...
Pillow has a heap buffer overflow with nested list coordinates
Passing nested lists as coordinates to APIs that accept coordinates such as ImagePath.Path, ImageDraw.ImageDraw.polygon and ImageDraw.ImageDraw.line could cause a heap buffer overflow, as nested lists were recursively unpacked beyond the allocated buffer. Coordinate lists are now validated to...
Security Bulletin: Passing a heavily nested list to sqlparse.parse() leads to a Denial of Service due to RecursionError.
Summary Passing a heavily nested list to sqlparse.parse leads to a Denial of Service due to RecursionError. Vulnerability Details CVEID:CVE-2024-4340 DESCRIPTION: Passing a heavily nested list to sqlparse.parse leads to a Denial of Service due to RecursionError. CWE:CWE-674: Uncontrolled Recursio...
sqlparse: parsing heavily nested list leads to denial of service
A flaw was found in sqlparse. This issue occurs in a heavily nested list in sqlparse.parse, where a recursion error may be triggered, which can lead to a denial of service...
sqlparse: parsing heavily nested list leads to denial of service
A flaw was found in sqlparse. This issue occurs in a heavily nested list in sqlparse.parse, where a recursion error may be triggered, which can lead to a denial of service...
The vulnerability of the sqlparse.parse() function in the SQL parser module for Python, Sqlparse, allows a hacker to cause a service failure.
The vulnerability of the sqlparse.parse function in the SQL parser module for Python, Sqlparse, is related to an uncontrolled recursion during the processing of deeply nested lists. Exploiting this vulnerability could allow a malicious actor to cause service failures...
sqlparse: parsing heavily nested list leads to denial of service
A flaw was found in sqlparse. This issue occurs in a heavily nested list in sqlparse.parse, where a recursion error may be triggered, which can lead to a denial of service...
sqlparse: parsing heavily nested list leads to denial of service
A flaw was found in sqlparse. This issue occurs in a heavily nested list in sqlparse.parse, where a recursion error may be triggered, which can lead to a denial of service...
sqlparse: parsing heavily nested list leads to denial of service
A flaw was found in sqlparse. This issue occurs in a heavily nested list in sqlparse.parse, where a recursion error may be triggered, which can lead to a denial of service...
USN-6771-1 sqlparse vulnerability
It was discovered that SQL parse incorrectly handled certain nested lists. An attacker could possibly use this issue to cause a denial of service...
DEBIAN-CVE-2024-4340
Passing a heavily nested list to sqlparse.parse leads to a Denial of Service due to RecursionError...