Important: Red Hat Security Advisory: opentelemetry-collector security update

An update for opentelemetry-collector is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

github.com/expr-lang/expr: Expr: Denial of Service via uncontrolled recursion in expression evaluation

A flaw was found in Expr, an expression language and expression evaluation for Go. This vulnerability allows a denial of service DoS via recursive traversal over user-provided deeply nested or cyclic data structures without enforcing a maximum recursion depth, leading to a stack overflow panic an...

RHEL 9 : opentelemetry-collector (RHSA-2025:23729)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:23729 advisory. Collector with the supported components for a Red Hat build of OpenTelemetry Security Fixes: github.com/expr-lang/expr: Expr: Denial of Service via...

RLSA-2025:23664 Important: opentelemetry-collector security update

Collector with the supported components for a Rocky Enterprise Software Foundation build of OpenTelemetry Security Fixes: github.com/expr-lang/expr: Expr: Denial of Service via uncontrolled recursion in expression evaluation CVE-2025-68156 For more details about the security issues, including the...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: libxml2 (UTSA-2025-991295)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991295 advisory. Uncontrolled recursion inXPath evaluationin libxml2 up to and including version 2.9.14 allows a local attacker to cause a stack overflow via crafted expressions. XPa...

Expr has Denial of Service via Unbounded Recursion in Builtin Functions

...

SUSE CVE-2025-68156

Expr is an expression language and expression evaluation for Go. Prior to version 1.17.7, several builtin functions in Expr, including flatten, min, max, mean, and median, perform recursive traversal over user-provided data structures without enforcing a maximum recursion depth. If the evaluation...

github.com/expr-lang/expr: Expr: Denial of Service via uncontrolled recursion in expression evaluation

A flaw was found in Expr, an expression language and expression evaluation for Go. This vulnerability allows a denial of service DoS via recursive traversal over user-provided deeply nested or cyclic data structures without enforcing a maximum recursion depth, leading to a stack overflow panic an...

Important: Red Hat Security Advisory: opentelemetry-collector security update

An update for opentelemetry-collector is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

EUVD-2025-204250

Nodemailer is vulnerable to DoS through Uncontrolled Recursion...

Duplicate Advisory: Nodemailer is vulnerable to DoS through Uncontrolled Recursion

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-rcmh-qjqh-p98v. This link is maintained to preserve external references. Original Description A flaw was found in Nodemailer. This vulnerability allows a denial of service DoS via a crafted email address header...

GHSA-46J5-6FG5-4GV3 Duplicate Advisory: Nodemailer is vulnerable to DoS through Uncontrolled Recursion

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-rcmh-qjqh-p98v. This link is maintained to preserve external references. Original Description A flaw was found in Nodemailer. This vulnerability allows a denial of service DoS via a crafted email address header...

CVE-2025-14874

A flaw was found in Nodemailer. This vulnerability allows a denial of service DoS via a crafted email address header that triggers infinite recursion in the address parser...

CVE-2025-14874

A flaw was found in Nodemailer. This vulnerability allows a denial of service DoS via a crafted email address header that triggers infinite recursion in the address parser...

CVE-2025-14874

A flaw was found in Nodemailer. This vulnerability allows a denial of service DoS via a crafted email address header that triggers infinite recursion in the address parser...

CVE-2025-14874 Nodemailer: nodemailer: denial of service via crafted email address header

A flaw was found in Nodemailer. This vulnerability allows a denial of service DoS via a crafted email address header that triggers infinite recursion in the address parser...

CVE-2025-14874

Nodemailer CVE-2025-14874 is a DoS vulnerability in the Nodemailer library where a crafted email address header triggers infinite recursion in the address parser. Affected product: Nodemailer (Node.js). Root cause: address parser recursion leading to denial of service. Impact: high availability l...

CVE-2025-14874 Nodemailer: nodemailer: denial of service via crafted email address header

A flaw was found in Nodemailer. This vulnerability allows a denial of service DoS via a crafted email address header that triggers infinite recursion in the address parser...

CVE-2025-14874

A flaw was found in Nodemailer. This vulnerability allows a denial of service DoS via a crafted email address header that triggers infinite recursion in the address parser. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat...

Nodemailer 安全漏洞

Nodemailer is a JS codebase from the Nodemailer team that uses a JS codebase that provides the ability to send emails. A security vulnerability exists in Nodemailer that originates from infinite recursion in the address parser and could lead to a denial of service attack...