CVE-2022-25857

The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service DoS due missing to nested depth limitation for collections...

UBUNTU-CVE-2022-25857

The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service DoS due missing to nested depth limitation for collections...

CVE-2022-25857 Denial of Service (DoS)

The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service DoS due missing to nested depth limitation for collections...

CVE-2022-25857

The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service DoS due missing to nested depth limitation for collections...

CVE-2022-25857

The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service DoS due missing to nested depth limitation for collections...

PT-2022-6923 · Unknown +8 · Org.Yaml:Snakeyaml +8

Name of the Vulnerable Software and Affected Versions: org.yaml:snakeyaml versions 0 through 1.30 Description: The issue is related to a Denial of Service DoS vulnerability due to missing nested depth limitation for collections in the SnakeYAML library, which is used for serialization and...

A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial of service at boot time when too many nested directories are created in /tmp.

...

DEBIAN-CVE-2021-3997

A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial of service at boot time when too many nested directories are created in /tmp...

AZL-10638 CVE-2021-3997 affecting package systemd for versions less than 250.3-21

A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial of service at boot time when too many nested directories are created in /tmp...

CVE-2021-3997

A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial of service at boot time when too many nested directories are created in /tmp...

golang: go/parser: stack exhaustion in all Parse* functions

A flaw was found in the golang standard library, go/parser. When calling any Parse functions on the Go source code, which contains deeply nested types or declarations, a panic can occur due to stack exhaustion. This issue allows an attacker to impact system availability...

golang: encoding/xml: stack exhaustion in Decoder.Skip

A flaw was found in golang encoding/xml. When calling Decoder, Skip while parsing a deeply nested XML document, a panic can occur due to stack exhaustion and allows an attacker to impact system availability...

Stack exhaustion due to deeply nested types in go/parser

...

The vulnerability of the lock_sock_nested() function in Android operating system kernels, which allows a malicious actor to exploit their privileges

The vulnerability of the locksocknested function in Android operating system kernels is related to the use of memory after it is freed due to improper synchronization of the general resource. Exploiting this vulnerability can allow an attacker to enhance their privileges...

AZL-10537 CVE-2022-30635 affecting package golang for versions less than 1.18.5-1

Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a message which contains deeply nested structures...

CVE-2022-30635

Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a message which contains deeply nested structures...

AZL-10536 CVE-2022-30633 affecting package golang for versions less than 1.18.5-1

Uncontrolled recursion in Unmarshal in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via unmarshalling an XML document into a Go struct which has a nested field that uses the 'any' field tag...

CVE-2022-30633

Uncontrolled recursion in Unmarshal in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via unmarshalling an XML document into a Go struct which has a nested field that uses the 'any' field tag...

DEBIAN-CVE-2022-30633

Uncontrolled recursion in Unmarshal in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via unmarshalling an XML document into a Go struct which has a nested field that uses the 'any' field tag...

CVE-2022-30633

Uncontrolled recursion in Unmarshal in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via unmarshalling an XML document into a Go struct which has a nested field that uses the 'any' field tag...