Lucene search
K

12 matches found

Veracode
Veracode
added 2025/07/14 9:29 a.m.9 views

Denial Of Service (DoS)

com.nimbusds:nimbus-jose-jwt is vulnerable to Denial Of Service DoS. The vulnerability is due to uncontrolled recursion due to lack of validation on JSON object nesting depth in JWT claim sets, allowing remote attackers to exhaust system resources with deeply nested structures...

5.8CVSS6.1AI score0.00806EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2025/07/11 3:16 a.m.10 views

CVE-2025-53864

Connect2id Nimbus JOSE + JWT 10.0.x before 10.0.2 and 9.37.x before 9.37.4 allows a remote attacker to cause a denial of service via a deeply nested JSON object supplied in a JWT claim set, because of uncontrolled recursion. NOTE: this is independent of the Gson 2.11.0 issue because the Connect2i...

5.8CVSS7AI score0.00806EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/07/09 12:22 p.m.4 views

kernel: mlxsw: spectrum_acl_erp: Fix object nesting warning

A flaw incorrect memory access in the Linux kernel Mellanox network Ethernet or RDMA device driver was found. A local user could use this flaw to crash the system...

5.5CVSS7.2AI score0.00218EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/05/13 8:28 a.m.4 views

kernel: lib: objagg: Fix general protection fault

linux kernel's lib objagg can incorrectly permit object nesting in an unallowed circumstance, based on lack of appropriate checks stemming from assumption violations. The incorrect object creation from this assumption can lead to general protection fault...

5.5CVSS6.9AI score0.00215EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/11/05 12:54 a.m.8 views

kernel: mlxsw: spectrum_acl_erp: Fix object nesting warning

A flaw incorrect memory access in the Linux kernel Mellanox network Ethernet or RDMA device driver was found. A local user could use this flaw to crash the system...

5.5CVSS7.2AI score0.00218EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/09/09 12:0 a.m.26 views

Amazon Linux 2 : kernel (ALASKERNEL-5.10-2024-069)

The version of kernel installed on the remote host is prior to 5.10.224-212.876. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2024-069 advisory. 2024-12-05: CVE-2024-41042 was added to this advisory. 2024-09-26: CVE-2024-42302 was added to this...

7.8CVSS6.7AI score0.0032EPSS
Exploits3References18
NVD
NVD
added 2024/08/21 1:15 a.m.18 views

CVE-2024-43880

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumaclerp: Fix object nesting warning ACLs in Spectrum-2 and newer ASICs can reside in the algorithmic TCAM A-TCAM or in the ordinary circuit TCAM C-TCAM. The former can contain more ACLs i.e., tc filters, but the...

5.5CVSS0.00218EPSS
Exploits0References9
UbuntuCve
UbuntuCve
added 2024/08/21 1:15 a.m.22 views

CVE-2024-43880

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumaclerp: Fix object nesting warning ACLs in Spectrum-2 and newer ASICs can reside in the algorithmic TCAM A-TCAM or in the ordinary circuit TCAM C-TCAM. The former can contain more ACLs i.e., tc filters, but the...

5.5CVSS6.4AI score0.00218EPSS
Exploits0References25
Vulnrichment
Vulnrichment
added 2024/08/21 12:6 a.m.26 views

CVE-2024-43880 mlxsw: spectrum_acl_erp: Fix object nesting warning

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumaclerp: Fix object nesting warning ACLs in Spectrum-2 and newer ASICs can reside in the algorithmic TCAM A-TCAM or in the ordinary circuit TCAM C-TCAM. The former can contain more ACLs i.e., tc filters, but the...

6.7AI score0.00218EPSS
Exploits0References7
CNNVD
CNNVD
added 2024/08/21 12:0 a.m.4 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an object nesting warning issue in the mlxsw component when handling ACLs...

5.5CVSS6.4AI score0.00218EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added 2023/12/07 1:41 p.m.4 views

json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)

A flaw was found in the json-smart package. This security flaw occurs when reaching a ‘‘ or ‘‘ character in the JSON input, and the code parses an array or an object, respectively. The 3PP does not have any limit to the nesting of such arrays or objects. Since nested arrays and objects are parsed...

7.5CVSS6.9AI score0.01119EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2023/05/17 3:49 p.m.8 views

json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)

A flaw was found in the json-smart package. This security flaw occurs when reaching a ‘‘ or ‘‘ character in the JSON input, and the code parses an array or an object, respectively. The 3PP does not have any limit to the nesting of such arrays or objects. Since nested arrays and objects are parsed...

7.5CVSS6.9AI score0.01119EPSS
Exploits1References6
Rows per page
Query Builder