3910 matches found
UBUNTU-CVE-2026-6811
Stack exhaustion vulnerability in the MongoDB PHP driver can cause application crashes when processing deeply nested BSON documents in unusual circumstances when the source of these BSON documents is not MongoDB Server...
CVE-2026-6811
Stack exhaustion vulnerability in the MongoDB PHP driver can cause application crashes when processing deeply nested BSON documents in unusual circumstances when the source of these BSON documents is not MongoDB Server...
CVE-2026-6811
CVE-2026-6811 affects the MongoDB PHP driver, with a stack exhaustion condition that can cause application crashes when processing deeply nested BSON documents. The issue is triggered in unusual circumstances when the BSON source is not from a MongoDB Server, and it is characterized by high avail...
CVE-2026-6811 PHP Stack Exhaustion
Stack exhaustion vulnerability in the MongoDB PHP driver can cause application crashes when processing deeply nested BSON documents in unusual circumstances when the source of these BSON documents is not MongoDB Server...
PHP Stack Exhaustion
Stack exhaustion vulnerability in the MongoDB PHP driver can cause application crashes when processing deeply nested BSON documents in unusual circumstances when the source of these BSON documents is not MongoDB Server...
CVE-2026-6811
Stack exhaustion vulnerability in the MongoDB PHP driver can cause application crashes when processing deeply nested BSON documents in unusual circumstances when the source of these BSON documents is not MongoDB Server...
CVE-2026-6811 PHP Stack Exhaustion
Stack exhaustion vulnerability in the MongoDB PHP driver can cause application crashes when processing deeply nested BSON documents in unusual circumstances when the source of these BSON documents is not MongoDB Server...
Security Bulletin: Security vulnerability in Python affects IBM Robotic Process Automation and IBM Robotic Process Automation for Cloud Pak
Summary A security vulnerability in Python affects IBM Robotic Process Automation and IBM Robotic Process Automation for Cloud Pak. Python is used by IBM Robotic Process Automation and IBM Robotic Process Automation for Cloud Pak as part of its deployment. This bulletin identifies the fixes...
MongoDB PHP Driver 安全漏洞
The MongoDB PHP Driver is an open-source driver developed by MongoDB for PHP applications, enabling connection to MongoDB databases. The MongoDB PHP Driver has a security vulnerability that stems from a stack overflow issue when processing deeply nested BSON documents, which may lead to applicati...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: git-lfs (UTSA-2026-019019)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-019019 advisory. Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635. Tenable...
CVE-2026-41257
A flaw was found in jq, a command line JSON processor. The memory allocation size is calculated using a signed integer that can overflow when processing deeply nested generator forks. This integer overflow allows an attacker who can supply a sufficiently nested input to influence the memory...
CVE-2026-44007
vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.1, when a NodeVM is created with nesting: true, sandbox code can unconditionally require'vm2' regardless of the outer VM's require configuration — including require: false. With access to vm2, the sandbox constructs a new inner NodeVM wi...
CVE-2026-43896
A flaw was found in jq, a command line JSON processor. The jvobjectmergerecursive function, reachable via the operator when both operands are objects, does not have a depth limit when processing nested objects. This missing depth limit allows an attacker who can supply a sufficiently nested input...
CVE-2026-40612
A flaw was found in jq, a command line JSON processor. The jvcontains function does not have a depth limit when processing nested arrays or objects. This missing depth limit allows an attacker who can supply a sufficiently nested input structure to exhaust the stack memory, causing an application...
Uncontrolled Recursion
Overview protobufjs is a protocol buffer for JavaScript & TypeScript. Affected versions of this package are vulnerable to Uncontrolled Recursion through the Root.fromJSON or Namespace.addJSON functions. An attacker can cause resource exhaustion and disrupt service availability by submitting a...
Uncontrolled Recursion
Overview Affected versions of this package are vulnerable to Uncontrolled Recursion through the Root.fromJSON or Namespace.addJSON functions. An attacker can cause resource exhaustion and disrupt service availability by submitting a crafted JSON descriptor with deeply nested namespace definitions...
CVE-2026-45033
GitHub Copilot CLI brings AI-powered coding assistance directly to your command line. Prior to 1.0.43, a security vulnerability has been identified in GitHub Copilot CLI where a malicious bare git repository nested inside a project directory can achieve arbitrary code execution when the agent...
CVE-2026-45033 GitHub Copilot CLI: Nested Bare Repository Can Execute Arbitrary Commands via core.fsmonitor
GitHub Copilot CLI brings AI-powered coding assistance directly to your command line. Prior to 1.0.43, a security vulnerability has been identified in GitHub Copilot CLI where a malicious bare git repository nested inside a project directory can achieve arbitrary code execution when the agent...
CVE-2026-45033
GitHub Copilot CLI (affected component: Git operations in Copilot CLI) contains a local privilege/command execution flaw exposed when a malicious bare git repository is nested within a project directory. The issue arises from git auto-discovery of bare repositories during directory traversal, all...
pyasn1: pyasn1 Vulnerable to Denial of Service via Unbounded Recursion
An unbounded recursion flaw has been discovered in the pypi pyasn1 library. This uncontrolled recursion occurs when decoding ASN.1 data with deeply nested structures. An attacker can supply a crafted payload containing nested SEQUENCE 0x30 or SET 0x31 tags with Indefinite Length 0x80 markers. Thi...