Uncontrolled Recursion

Overview Affected versions of this package are vulnerable to Uncontrolled Recursion through unbounded recursion in the Parser process. An attacker can cause process termination and denial of service by submitting a specially crafted, deeply nested input that exhausts the stack and triggers a...

Important: Red Hat Security Advisory: .NET 8.0 security update

An update for .NET 8.0 is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

dotnet: .NET: Denial of Service via Infinite Recursion in XmlDecryptionTransform

A flaw was found in .NET. A remote attacker could exploit this vulnerability by crafting a malicious XML document that triggers an infinite recursion within the XmlDecryptionTransform component. This could lead to a Denial of Service DoS, making the affected system unresponsive...

CVE-2026-42039

A flaw was found in Axios, a promise-based HTTP client for browsers and Node.js. This vulnerability occurs because the toFormData function recursively processes nested objects without a depth limit. A remote attacker can exploit this by sending deeply nested request data, which causes the Node.js...

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses pyasn1 which is vulnerable to CVE-2026-30922

Summary IBM Maximo Application Suite - Visual Inspection component uses pyasn1 which is vulnerable to CVE-2026-30922, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-30922 DESCRIPTION: pyasn1 is a generic ASN.1 library for...

CVE-2026-44028

An issue was discovered in Nix before 2.34.7 and Lix before 2.95.2. Unbounded recursion in the NAR Nix Archive parser could lead to a stack-to-heap overflow when the parser is run on a coroutine stack. The stack is allocated without a guard page, which means that a stack overflow could overwrite...

DEBIAN-CVE-2026-44028

An issue was discovered in Nix before 2.34.7 and Lix before 2.95.2. Unbounded recursion in the NAR Nix Archive parser could lead to a stack-to-heap overflow when the parser is run on a coroutine stack. The stack is allocated without a guard page, which means that a stack overflow could overwrite...

NPM: Axios: unbounded recursion in toFormData causes DoS via deeply nested request data

NPM: Axios: unbounded recursion in toFormData causes DoS via deeply nested request data vulnerability discovered by ? in WordPress Npm axios versions = 0.31.0...

Axios: unbounded recursion in toFormData causes DoS via deeply nested request data

Summary toFormData recursively walks nested objects with no depth limit, so a deeply nested value passed as request data crashes the Node.js process with a RangeError. Details lib/helpers/toFormData.js:210 defines an inner buildvalue, path that recurses into every object/array child line 225:...

CVE-2026-44028

CVE-2026-44028 affects Nix and Lix: unbounded recursion in the NAR (Nix Archive) parser can cause a stack-to-heap overflow when parsing on a coroutine stack. The stack lacks a guard page, enabling a stack overflow to overwrite heap memory and potentially execute arbitrary code as the Nix daemon (...

ROS-20260505-73-0019

A vulnerability in the ElementDeclHandler component of the Python Programming Language Interpreter CPython is related to uncontrolled recursion. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

ROS-20260505-73-0015

A vulnerability in the ElementDeclHandler component of the Python Programming Language Interpreter CPython is related to uncontrolled recursion. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

PT-2026-36940

Name of the Vulnerable Software and Affected Versions Nix versions 2.24.4 through 2.34.6 Lix versions 2.93.0 through 2.95.1 Description Unbounded recursion in the NAR Nix Archive parser can lead to a stack-to-heap overflow when the parser operates on a coroutine stack. Because the stack is...

ROS-20260505-73-0016

A vulnerability in the ElementDeclHandler component of the Python Programming Language Interpreter CPython is related to uncontrolled recursion. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

ROS-20260505-73-0018

A vulnerability in the ElementDeclHandler component of the Python Programming Language Interpreter CPython is related to uncontrolled recursion. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

ROS-20260505-73-0017

A vulnerability in the ElementDeclHandler component of the Python Programming Language Interpreter CPython is related to uncontrolled recursion. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

Security Bulletin: IBM Edge Data Collector uses pyasn1-0.6.2-py3-none-any.whl which is vulnerable to CVE-2026-30922.

Summary IBM Edge Data Collector uses pyasn1-0.6.2-py3-none-any.whl which is vulnerable to CVE-2026-30922. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-30922 DESCRIPTION: pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.3, the pyas...

pyasn1: pyasn1 Vulnerable to Denial of Service via Unbounded Recursion

An unbounded recursion flaw has been discovered in the pypi pyasn1 library. This uncontrolled recursion occurs when decoding ASN.1 data with deeply nested structures. An attacker can supply a crafted payload containing nested SEQUENCE 0x30 or SET 0x31 tags with Indefinite Length 0x80 markers. Thi...

pyasn1: pyasn1 Vulnerable to Denial of Service via Unbounded Recursion

An unbounded recursion flaw has been discovered in the pypi pyasn1 library. This uncontrolled recursion occurs when decoding ASN.1 data with deeply nested structures. An attacker can supply a crafted payload containing nested SEQUENCE 0x30 or SET 0x31 tags with Indefinite Length 0x80 markers. Thi...

Security Bulletin: pyasn1 Uncontrolled Recursion in ASN.1 Decoding Enables Denial of Service

Summary pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.3, the pyasn1 library is vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding ASN.1 data with deeply nested structures. An attacker can supply a crafted payload containing thousands of nested...