Lucene search

5239 matches found

OSV
added 2021/05/26 10:15 p.m. | 1 view

DEBIAN-CVE-2021-30471

A flaw was found in PoDoFo 0.9.7. An uncontrolled recursive call in PdfNamesTree::AddToDictionary function in src/podofo/doc/PdfNamesTree.cpp can lead to a stack overflow...

CVSS 5.5 | AI score 6.7 | EPSS 0.00108
Exploits: 1 | References: 1
OSV
added 2021/05/26 10:15 p.m. | 0 views

UBUNTU-CVE-2021-30471

A flaw was found in PoDoFo 0.9.7. An uncontrolled recursive call in PdfNamesTree::AddToDictionary function in src/podofo/doc/PdfNamesTree.cpp can lead to a stack overflow...

CVSS 5.5 | AI score 6.8 | EPSS 0.00108
Exploits: 1 | References: 4
NVD
added 2021/05/26 7:15 p.m. | 16 views

CVE-2018-10868

redhat-certification 7 does not properly restrict the number of recursive definitions of entities in XML documents, allowing an unauthenticated user to run a "Billion Laugh Attack" by replying to XMLRPC methods when getting the status of a host...

CVSS 7.5 | EPSS 0.0117
Exploits: 0 | References: 2
Cvelist
added 2021/05/26 6:3 p.m. | 13 views

CVE-2018-10868

redhat-certification 7 does not properly restrict the number of recursive definitions of entities in XML documents, allowing an unauthenticated user to run a "Billion Laugh Attack" by replying to XMLRPC methods when getting the status of a host...

AI score 7.6 | EPSS 0.0117
Exploits: 0 | References: 2
CNNVD
added 2021/05/26 12:0 a.m. | 0 views

Sourceforge PoDoFo Security Vulnerability

PoDoFo is a free, portable and easy to use PDF parsing, modification and creation library. An uncontrolled recursive call vulnerability exists in the PdfTokenizer::ReadArray, PdfTokenizer::GetNextVariant and PdfTokenizer::ReadDataType functions in PoDoFo version 0.9.7. An attacker could exploit...

CVSS 5.5 | AI score 5.7 | EPSS 0.00108
Exploits: 1 | References: 2
CNNVD
added 2021/05/26 12:0 a.m. | 1 view

Red Hat Certification Access Control Error Vulnerability

Red Hat Certification is a software package from Red Hat USA. An Access Control Error vulnerability exists in Redhat redhat-certification 7 that stems from an inability to properly limit the number of recursive definitions of entities in an XML document. An attacker could exploit the vulnerabilit...

CVSS 7.5 | AI score 5.7 | EPSS 0.0117
Exploits: 0 | References: 2
Tenable Nessus
added 2021/05/26 12:0 a.m. | 27 views

Oracle Linux 8 : krb5 (ELSA-2021-1593)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-1593 advisory. - Add recursion limit for ASN.1 indefinite lengths CVE-2020-28196 Tenable has extracted the preceding description block directly from the Oracle Linux security...

CVSS 7.5 | AI score 7.6 | EPSS 0.00955
Exploits: 0 | References: 2
Oracle linux
added 2021/05/25 12:0 a.m. | 46 views

krb5 security update

1.18.2-8 - Add recursion limit for ASN.1 indefinite lengths CVE-2020-28196 - Resolves: 1906492 1.18.2-7 - Document -k option in kvno1 synopsis - Resolves: 1869055 1.18.2-6 - Enable MD5 override for FIPS RADIUS - Resolves: 1872689 1.18.2-5.2 - Unify kvno option documentation - Resolves: 1869055...

CVSS 7.5 | AI score 1.8 | EPSS 0.00955
Exploits: 0
Github Security Blog
added 2021/05/21 2:28 p.m. | 44 views

Stack overflow in `ParseAttrValue` with nested tensors

Impact: The implementation of ParseAttrValue can be tricked into stack overflow due to recursion by giving in a specially crafted input. Patches: We have patched the issue in GitHub commit e07e1c3d26492c06f078c7e5bf2d138043e199c1. The fix will be included in TensorFlow 2.5.0. We will also cherrypic...

CVSS 5.5 | AI score 4.2 | EPSS 0.0001
Exploits: 1 | References: 7 | Affected Software: 3
NVD
added 2021/05/20 7:15 p.m. | 9 views

CVE-2021-28903

A stack overflow in libyang <= v1.0.225 can cause a denial of service through function lyxml_parse_mem. lyxml_parse_elem function will be called recursively, which will consume stack space and lead to crash...

CVSS 7.5 | EPSS 0.00457
Exploits: 1 | References: 2
UbuntuCve
added 2021/05/20 7:15 p.m. | 18 views

CVE-2021-28903

A stack overflow in libyang <= v1.0.225 can cause a denial of service through function lyxml_parse_mem. lyxml_parse_elem function will be called recursively, which will consume stack space and lead to crash...

CVSS 7.5 | AI score 7.1 | EPSS 0.00457
Exploits: 1 | References: 2
OSV
added 2021/05/20 4:15 p.m. | 17 views

CVE-2021-27432

OPC Foundation UA .NET Standard versions prior to 1.4.365.48 and OPC UA .NET Legacy are vulnerable to an uncontrolled recursion, which may allow an attacker to trigger a stack overflow...

CVSS 7.5 | AI score 6.8
Exploits: 0 | References: 1
NVD
added 2021/05/20 4:15 p.m. | 10 views

CVE-2021-27432

OPC Foundation UA .NET Standard versions prior to 1.4.365.48 and OPC UA .NET Legacy are vulnerable to an uncontrolled recursion, which may allow an attacker to trigger a stack overflow...

CVSS 7.5 | EPSS 0.00222
Exploits: 0 | References: 1
Prion
added 2021/05/20 4:15 p.m. | 14 views

Stack overflow

OPC Foundation UA .NET Standard versions prior to 1.4.365.48 and OPC UA .NET Legacy are vulnerable to an uncontrolled recursion, which may allow an attacker to trigger a stack overflow...

CVSS 5 | AI score 7.4 | EPSS 0.00222
Exploits: 0 | References: 1 | Affected Software: 1
CVE
added 2021/05/20 3:20 p.m. | 64 views

CVE-2021-27432

OPC Foundation UA .NET Standard and OPC UA .NET Legacy are affected by CVE-2021-27432 due to an uncontrolled recursion that can trigger a stack overflow. Affected products are OPC UA .NET Standard prior to 1.4.365.48 and OPC UA .NET Legacy. The vulnerability enables remote exploitation (network v...

CVSS 7.5 | AI score 7.4 | EPSS 0.00222
Exploits: 0 | References: 1 | Affected Software: 2
NVD
added 2021/05/20 2:15 p.m. | 17 views

CVE-2021-27434

Products with Unified Automation .NET based OPC UA Client/Server SDK Bundle: Versions V3.0.7 and prior .NET 4.5, 4.0, and 3.5 Framework versions only are vulnerable to an uncontrolled recursion, which may allow an attacker to trigger a stack overflow...

CVSS 7.5 | EPSS 0.00216
Exploits: 0 | References: 1
Cvelist
added 2021/05/20 1:42 p.m. | 15 views

CVE-2021-27434

Products with Unified Automation .NET based OPC UA Client/Server SDK Bundle: Versions V3.0.7 and prior .NET 4.5, 4.0, and 3.5 Framework versions only are vulnerable to an uncontrolled recursion, which may allow an attacker to trigger a stack overflow...

AI score 7.6 | EPSS 0.00216
Exploits: 0 | References: 1
Tenable Nessus
added 2021/05/19 12:0 a.m. | 31 views

RHEL 8 : krb5 (RHSA-2021:1593)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:1593 advisory. Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords...

CVSS 7.5 | AI score 7.6 | EPSS 0.00955
Exploits: 0 | References: 10
RedHat Linux
added 2021/05/18 2:23 p.m. | 39 views

Moderate: Red Hat Security Advisory: krb5 security update

An update for krb5 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

CVSS 7.5 | AI score 6.8 | EPSS 0.00955
Exploits: 0 | References: 7
RedHat Linux
added 2021/05/18 2:23 p.m. | 1 view

krb5: unbounded recursion via an ASN.1-encoded Kerberos message in lib/krb5/asn.1/asn1_encode.c may lead to DoS

A flaw was found in krb5. MIT Kerberos 5 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit...

CVSS 7.5 | AI score 7.1 | EPSS 0.00955
Exploits: 0 | References: 4