rubygem-loofah: Uncontrolled Recursion leading to denial of service
An uncontrolled recursion vulnerability was found in rubygem loofah. While sanitizing certain sections, loofah is susceptible to stack exhaustion, which can result in a denial of service through CPU resource consumption...
jettison: Uncontrolled Recursion in JSONArray
A flaw was found in Jettison. Infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This issue leads to a StackOverflowError exception being thrown...
codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS
A flaw was found in codec-haproxy from the Netty project. This flaw allows an attacker to build a malformed crafted message and cause infinite recursion, causing stack exhaustion and leading to a denial of service (DoS)...
GLSA-202305-15 : systemd: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202305-15 systemd: Multiple Vulnerabilities - A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial of service at boot time when too many nested directories are created in /tmp...
GLSA-202305-16 : Vim, gVim: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202305-16 Vim, gVim: Multiple Vulnerabilities - Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646. (CVE-2022-1154) - heap buffer overflow in get_one_sourceline in GitHub repository vim/vim prior to 8.2.4647...
USN-6049-1 netty vulnerabilities
It was discovered that Netty's Zlib decoders did not limit memory allocations. A remote attacker could possibly use this issue to cause Netty to exhaust memory via malicious input, leading to a denial of service. This issue only affected Ubuntu 16.04 ESM and Ubuntu 20.04 ESM. CVE-2020-11612 It wa...
SUSE-SU-2023:1948-1 Security update for jettison
This update for jettison fixes the following issues: Upgrade to version 1.5.4: - CVE-2023-1436: Fixed infinite recursion triggered when constructing a JSONArray from a Collection (bsc#1209605)...
OESA-2023-1224 json-smart security update
Json-smart is a performance-focused JSON processor lib. Security Fixes: When reaching a '[' or '{' character in the JSON input, the code parses an array or an object respectively. It was discovered that the code does not have any limit to th...
Denial Of Service (DoS)
libOpenImageIO.so is vulnerable to Denial of Service (DoS) attacks. A malicious user is able to trigger uncontrolled recursion via a malicious input through the FitsOutput::close function, causing the application to crash...
CVE-2023-1436
A flaw was found in Jettison. Infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This issue leads to a StackOverflowError exception being thrown...
The vulnerability of the lib/nlattr.c component in Linux operating systems allows a hacker to trigger a service failure.
The vulnerability of the lib/nlattr.c component in Linux operating systems is related to an uncontrolled recursion. Exploiting this vulnerability could allow an attacker to cause a service failure...
OpenImageIO Project OpenImageIO FitsOutput::close() denial of service vulnerability
Talos Vulnerability Report TALOS-2023-1709 OpenImageIO Project OpenImageIO FitsOutput::close denial of service vulnerability March 30, 2023 CVE Number CVE-2023-24472 SUMMARY A denial of service vulnerability exists in the FitsOutput::close functionality of OpenImageIO Project OpenImageIO v2.4.7.1...
SUSE CVE-2020-36691
An issue was discovered in the Linux kernel before 5.8. lib/nlattr.c allows attackers to cause a denial of service (unbounded recursion) via a nested Netlink policy with a back reference...
CBL Mariner 2.0 Security Update: vim (CVE-2022-1771)
The version of vim installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-1771 advisory. - Uncontrolled Recursion in GitHub repository vim/vim prior to 8.2.4975. CVE-2022-1771 Note that Nessus has not...
CVE-2020-36691
A flaw was found in lib/nlattr.c in the Linux kernel, before 5.8. This issue may allow an attacker to cause a denial of service (unbounded recursion) through a nested Netlink policy with a back reference...
DEBIAN-CVE-2020-36691
An issue was discovered in the Linux kernel before 5.8. lib/nlattr.c allows attackers to cause a denial of service (unbounded recursion) via a nested Netlink policy with a back reference...
CVE-2020-36691
An issue was discovered in the Linux kernel before 5.8. lib/nlattr.c allows attackers to cause a denial of service (unbounded recursion) via a nested Netlink policy with a back reference...