3998 matches found

GitHub Security Blog
added 2025/07/31 7:37 p.m. · 6 views

MaterialX Stack Overflow via Lack of MTLX XML Parsing Recursion Limit

Summary: When parsing an MTLX file with multiple nested nodegraph implementations, the MaterialX XML parsing logic can potentially crash due to stack exhaustion. Details: By specification, multiple kinds of elements in MTLX support nesting other elements, such as in the case of nodegraph elements...

CVSS 7.5 · AI score 6.8 · EPSS 0.01775
Exploits: 1 · References: 8 · Affected Software: 1

Positive Technologies
added 2025/07/31 12:0 a.m. · 6 views

PT-2025-31672 · Materialx · Materialx

Name of the Vulnerable Software and Affected Versions: MaterialX version 1.39.2. Description: MaterialX is an open standard for the exchange of rich material and look-development content across applications and renderers. Nested imports of MaterialX files can lead to a crash due to stack memory...

CVSS 7.5 · AI score 6.4 · EPSS 0.00845
Exploits: 1 · References: 9

Tenable Nessus
added 2025/07/31 12:0 a.m. · 4 views

Amazon Linux 2 : jackson (ALAS-2025-2934)

The version of jackson installed on the remote host is prior to 1.9.4-7. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2934 advisory. jackson-core contains core low-level incremental streaming parser and generator abstractions used by Jackson Data Processor. In...

CVSS 8.7 · AI score 7.2 · EPSS 0.00252
Exploits: 0 · References: 4

RedHat Linux
added 2025/07/30 9:55 a.m. · 1 views

com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError

A nested data handling flaw was found in Jackson Core. When parsing particularly deeply nested data structures, a StackoverflowError can occur...

CVSS 8.7 · AI score 7.1 · EPSS 0.00252
Exploits: 0 · References: 6

RedHat Linux
added 2025/07/30 9:53 a.m. · 1 views

com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError

A nested data handling flaw was found in Jackson Core. When parsing particularly deeply nested data structures, a StackoverflowError can occur...

CVSS 8.7 · AI score 7.1 · EPSS 0.00252
Exploits: 0 · References: 6

RedHat Linux
added 2025/07/30 9:49 a.m. · 3 views

com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError

A nested data handling flaw was found in Jackson Core. When parsing particularly deeply nested data structures, a StackoverflowError can occur...

CVSS 8.7 · AI score 7.1 · EPSS 0.00252
Exploits: 0 · References: 6

RedHat Linux
added 2025/07/30 9:45 a.m. · 2 views

com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError

A nested data handling flaw was found in Jackson Core. When parsing particularly deeply nested data structures, a StackoverflowError can occur...

CVSS 8.7 · AI score 7.1 · EPSS 0.00252
Exploits: 0 · References: 6

OSV
added 2025/07/30 7:42 a.m. · 1 views

MAL-2025-6379 Malicious code in vite-postcss-nested (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 90b82844a67ec3b8867102d72b3fc6c039e456bf27ae2cc4679ff7d3d831c1c0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 7
Exploits: 0 · References: 4

Snyk
added 2025/07/30 7:42 a.m. · 1 views

Malicious Package

Overview vite-postcss-nested is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

CVSS 9.8 · AI score 6.8
Exploits: 0 · References: 2

OSSF Malicious Packages
added 2025/07/30 7:42 a.m. · 5 views

Malicious code in vite-postcss-nested (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 90b82844a67ec3b8867102d72b3fc6c039e456bf27ae2cc4679ff7d3d831c1c0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 6.9
Exploits: 0 · References: 4

Positive Technologies
added 2025/07/30 12:0 a.m. · 2 views

PT-2025-33759

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The Linux kernel contains a cache coherency vulnerability within the x86/sev subsystem related to Secure Nested Paging (SNP) memory validation. The issue requires cache line eviction...

CVSS 5.5 · AI score 6.5 · EPSS 0.00026
Exploits: 0

RedhatCVE
added 2025/07/29 12:12 a.m. · 11 views

CVE-2024-58264

The serde-json-wasm crate before 1.0.1 for Rust allows stack consumption via deeply nested JSON data...

CVSS 7.5 · AI score 6.4 · EPSS 0.00098
Exploits: 0 · References: 1

OSV
added 2025/07/27 9:15 p.m. · 2 views

CVE-2024-58264

The serde-json-wasm crate before 1.0.1 for Rust allows stack consumption via deeply nested JSON data...

CVSS 7.5 · AI score 5.8 · EPSS 0.00098
Exploits: 0 · References: 3

Cvelist
added 2025/07/27 12:0 a.m. · 6 views

CVE-2024-58264

The serde-json-wasm crate before 1.0.1 for Rust allows stack consumption via deeply nested JSON data...

CVSS 3.2 · EPSS 0.00098
Exploits: 0 · References: 3

Packet Storm News
added 2025/07/27 12:0 a.m. · 3 views

Sparse Regression Codes for Secret Key Agreement: Achieving Strong Secrecy and Near-Optimal Rates for Gaussian Sources

Secret key agreement from correlated physical layer observations is a cornerstone of information-theoretic security. This paper proposes and rigorously analyzes a complete, constructive protocol for secret key agreement from Gaussian sources using Sparse Regression Codes (SPARCs). Our protocol...

AI score 6.9
Exploits: 0

CNNVD
added 2025/07/27 12:0 a.m. · 1 views

serde-json-wasm crate Security Vulnerability

serde-json-wasm crate is a Rust library open-sourced by CosmWasm. A security vulnerability exists in serde-json-wasm crate versions prior to 1.0.1, which stems from deeply nested JSON data that may lead to stack consumption...

CVSS 7.5 · AI score 6.4 · EPSS 0.00098
Exploits: 0 · References: 4

SUSE Linux
added 2025/07/25 2:36 p.m. · 2 views

Security update for polkit

This update for polkit fixes the following issues: CVE-2025-7519: Fixed an XML policy file with a large number of nested elements that may lead to out-of-bounds write. bsc1246472 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...

CVSS 7.1 · AI score 6.7 · EPSS 0.00034
Exploits: 0 · References: 4

OSV
added 2025/07/25 2:36 p.m. · 2 views

SUSE-SU-2025:02528-1 Security update for polkit

This update for polkit fixes the following issues: - CVE-2025-7519: Fixed an XML policy file with a large number of nested elements that may lead to out-of-bounds write. bsc1246472...

CVSS 6.7 · AI score 5.8 · EPSS 0.00034
Exploits: 0 · References: 3

SUSE Linux
added 2025/07/25 2:34 p.m. · 3 views

Security update for polkit

This update for polkit fixes the following issues: CVE-2025-7519: Fixed an XML policy file with a large number of nested elements that may lead to out-of-bounds write. bsc1246472 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...

CVSS 7.1 · AI score 6.7 · EPSS 0.00034
Exploits: 0 · References: 4

OSV
added 2025/07/25 1:28 p.m. · 2 views

SUSE-SU-2025:02525-1 Security update for polkit

This update for polkit fixes the following issues: - CVE-2025-7519: Fixed an XML policy file with a large number of nested elements that may lead to out-of-bounds write. bsc1246472...

CVSS 6.7 · AI score 5.8 · EPSS 0.00034
Exploits: 0 · References: 3