182 matches found
CVE-2025-5302
A flaw was found in the JSONReader component of the llamaindex Python package, where the depthfirstyield function has no limit on the recursive number of times it is called. This vulnerability causes Python to reach its maximum recursive depth when parsing deeply nested JSON files. The program...
Linux Distros Unpatched Vulnerability : CVE-2018-20822
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - LibSass 3.5.4 allows attackers to cause a denial-of-service uncontrolled recursion in Sass::ComplexSelector::perform in ast.hpp and Sass::Inspect::operator in...
Low: apache-commons-lang3
Issue Overview: Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with commons-lang:commons-lang 2.0 to 2.6, and, from org.apache.commons:commons-lang3 3.0 before 3.18.0. The methods ClassUtils.getClass... can throw StackOverflowError on...
Security update for apache-commons-lang3
This update for apache-commons-lang3 fixes the following issues: Update to version 3.18.0 CVE-2025-48924: Fixed an uncontrolled recursion vulnerability that may lead to a DoS. bsc1246397 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
SUSE-SU-2025:02818-1 Security update for apache-commons-lang3
This update for apache-commons-lang3 fixes the following issues: - Update to version 3.18.0 - CVE-2025-48924: Fixed an uncontrolled recursion vulnerability that may lead to a DoS. bsc1246397...
OESA-2025-2032 apache-commons-lang security update
The standard Java libraries fail to provide enough methods for manipulation of its core classes. Apache Commons Lang provides these extra methods. Security Fixes: A vulnerability classified as problematic has been found in Apache Commons Lang up to 2.6/3.17.x.CWE is classifying the issue as...
OESA-2025-2030 apache-commons-lang security update
The standard Java libraries fail to provide enough methods for manipulation of its core classes. Apache Commons Lang provides these extra methods. Security Fixes: A vulnerability classified as problematic has been found in Apache Commons Lang up to 2.6/3.17.x.CWE is classifying the issue as...
OESA-2025-2031 apache-commons-lang security update
The standard Java libraries fail to provide enough methods for manipulation of its core classes. Apache Commons Lang provides these extra methods. Security Fixes: A vulnerability classified as problematic has been found in Apache Commons Lang up to 2.6/3.17.x.CWE is classifying the issue as...
Security update for apache-commons-lang3
This update for apache-commons-lang3 fixes the following issues: CVE-2025-48924: Fixed an uncontrolled recursion vulnerability that may lead to a DoS. bsc1246397 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
SUSE-SU-2025:02785-1 Security update for apache-commons-lang3
This update for apache-commons-lang3 fixes the following issues: - CVE-2025-48924: Fixed an uncontrolled recursion vulnerability that may lead to a DoS. bsc1246397...
CVE-2025-8732
A vulnerability was found in libxml2 up to 2.14.5. It has been declared as problematic. This vulnerability affects the function xmlParseSGMLCatalog of the component xmlcatalog. The manipulation leads to uncontrolled recursion. Attacking locally is a requirement. The exploit has been disclosed to...
OESA-2025-1972 apache-commons-lang security update
The standard Java libraries fail to provide enough methods for manipulation of its core classes. Apache Commons Lang provides these extra methods. Security Fixes: A vulnerability classified as problematic has been found in Apache Commons Lang up to 2.6/3.17.x.CWE is classifying the issue as...
Uncontrolled Recursion
Overview nvidia-pytriton is a PyTriton - Flask/FastAPI-like interface to simplify Triton's deployment in Python environments. Affected versions of this package are vulnerable to Uncontrolled Recursion via the ReadDataFromJsonHelper and JsonBytesArrayByteSize functions. An attacker can cause a...
CVE-2025-23325
NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause uncontrolled recursion through a specially crafted input. A successful exploit of this vulnerability might lead to denial of service...
commons-lang/commons-lang: org.apache.commons/commons-lang3: Uncontrolled Recursion vulnerability in Apache Commons Lang
An uncontrolled recursion flaw was found in the Apache Commons Lang library. The ClassUtils.getClass... method can throw a StackOverflowError on very long inputs. Since this error is typically not handled by applications and libraries, a StackOverflowError may lead to the termination of an...
OESA-2025-1929 apache-commons-lang3 security update
The standard Java libraries fail to provide enough methods for manipulation of its core classes. The Commons Lang Component provides these extra methods. Lang provides a host of helper utilities for the java.lang API, notably String manipulation methods, basic numerical methods, object reflection...
Security Bulletin: IBM Sterling Connect:Direct Web Services uses commons-lang3 and is vulnerable to CVE-2025-48924
Summary IBM Sterling Connect:Direct Web Services is vulnerable to uncontrolled recursion vulnerability in Apache Commons Lang. This has been addressed in new build available from IBM Repository. Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache...
SUSE SLED15: libprotobuf-lite25_1_0 / libprotobuf-lite25_1_0-32bit / etc (SUSE-SU-2025:02311-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:02311-1 advisory. - CVE-2025-4565: Fix parsing of untrusted Protocol Buffers data containing an arbitrary number of...
UBUNTU-CVE-2025-48924
Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with commons-lang:commons-lang 2.0 to 2.6, and, from org.apache.commons:commons-lang3 3.0 before 3.18.0. The methods ClassUtils.getClass... can throw StackOverflowError on very long input...
AZL-65577 CVE-2025-53605 affecting package kata-containers-cc 3.2.0.azl2-8
The protobuf crate before 3.7.2 for Rust allows uncontrolled recursion in the protobuf::codedinputstream::CodedInputStream::skipgroup parsing of unknown fields in untrusted input...