18 matches found
PT-2026-41980
Name of the Vulnerable Software and Affected Versions Kanidm versions prior to 1.9.3 Description An unauthenticated GET request to any /scim/v1/... endpoint using a ?filter= query string containing several thousand nested parentheses approximately 4–12 KB can cause a stack overflow. This occurs...
SUSE-SU-2026:1417-1 Security update for python
This update for python fixes the following issues: - CVE-2025-13462: incorrect parsing of TarInfo header when GNU long name and type AREGTYPE are combined bsc1259611. - CVE-2026-3479: improper resource argument validation can allow path traversal bsc1259989. - CVE-2026-3644: incomplete control...
SUSE-SU-2026:21104-1 Security update for python313
This update for python313 fixes the following issues: Update to version 3.13.13. - CVE-2025-13462: incorrect parsing of TarInfo when GNU long name and type AREGTYPE are combined can lead to misinterpretation of tar archives bsc1259611. - CVE-2026-2297: incorrectly handled hook in FileLoader can...
EUVD-2024-54289
Malicious code in bioql PyPI...
com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError
A nested data handling flaw was found in Jackson Core. When parsing particularly deeply nested data structures, a StackoverflowError can occur...
com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError
A nested data handling flaw was found in Jackson Core. When parsing particularly deeply nested data structures, a StackoverflowError can occur...
CVE-2024-58102
An issue was discovered in Datalust Seq before 2024.3.13545. An insecure default parsing depth limit allows stack consumption when parsing user-supplied queries containing deeply nested expressions...
CVE-2024-58102
An issue was discovered in Datalust Seq before 2024.3.13545. An insecure default parsing depth limit allows stack consumption when parsing user-supplied queries containing deeply nested expressions...
CVE-2024-58102
An issue was discovered in Datalust Seq before 2024.3.13545. An insecure default parsing depth limit allows stack consumption when parsing user-supplied queries containing deeply nested expressions...
Datalust Seq 安全漏洞
Datalust Seq is a logging server from Datalust Australia. It is used to speed up diagnostics in complex, asynchronous and distributed applications. A security vulnerability exists in Datalust Seq versions prior to 2024.3.13545, which stems from an insecure default parsing depth limit that could...
CVE-2024-58102
An issue was discovered in Datalust Seq before 2024.3.13545. An insecure default parsing depth limit allows stack consumption when parsing user-supplied queries containing deeply nested expressions...
CVE-2024-58102
An issue was discovered in Datalust Seq before 2024.3.13545. An insecure default parsing depth limit allows stack consumption when parsing user-supplied queries containing deeply nested expressions...
CVE-2024-58102
CVE-2024-58102 affects Datalust Seq prior to 2024.3.13545. The issue is an insecure default parsing depth limit that allows stack consumption when processing user-supplied queries containing deeply nested expressions. This is the stated root cause and impacts availability (via potential stack exh...
SUSE CVE-2013-4113
ext/xml/xml.c in PHP before 5.3.27 does not properly consider parsing depth, which allows remote attackers to cause a denial of service heap memory corruption or possibly have unspecified other impact via a crafted document that is processed by the xmlparseintostruct function...
php: xml_parse_into_struct buffer overflow when parsing deeply nested XML
ext/xml/xml.c in PHP before 5.3.27 does not properly consider parsing depth, which allows remote attackers to cause a denial of service heap memory corruption or possibly have unspecified other impact via a crafted document that is processed by the xmlparseintostruct function...
php: xml_parse_into_struct buffer overflow when parsing deeply nested XML
ext/xml/xml.c in PHP before 5.3.27 does not properly consider parsing depth, which allows remote attackers to cause a denial of service heap memory corruption or possibly have unspecified other impact via a crafted document that is processed by the xmlparseintostruct function...
php: xml_parse_into_struct buffer overflow when parsing deeply nested XML
ext/xml/xml.c in PHP before 5.3.27 does not properly consider parsing depth, which allows remote attackers to cause a denial of service heap memory corruption or possibly have unspecified other impact via a crafted document that is processed by the xmlparseintostruct function...
php: xml_parse_into_struct buffer overflow when parsing deeply nested XML
ext/xml/xml.c in PHP before 5.3.27 does not properly consider parsing depth, which allows remote attackers to cause a denial of service heap memory corruption or possibly have unspecified other impact via a crafted document that is processed by the xmlparseintostruct function...