5135 matches found
SUSE CVE-2026-26209
cbor2 provides encoding and decoding for the Concise Binary Object Representation CBOR serialization format. Versions prior to 5.9.0 are vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding deeply nested CBOR structures. This vulnerability affects both the...
PT-2026-33338
Name of the Vulnerable Software and Affected Versions Protobuf PHP versions prior to 5.34.0-RC1 Protobuf PHP versions prior to 4.33.6 Description A Denial of Service DoS issue exists during the parsing of untrusted input. Maliciously structured messages, specifically those containing negative...
Linux Distros Unpatched Vulnerability : CVE-2026-26209
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cbor2 provides encoding and decoding for the Concise Binary Object Representation CBOR serialization format. Versions prior to 5.9.0 are vulnerable to a Denial ...
GHSA-XCX6-VP38-8HR5 Scriban has Uncontrolled Recursion in `object.to_json` Causing Unrecoverable Process Crash via StackOverflowException
Summary The object.tojson builtin function in Scriban performs recursive JSON serialization via an internal WriteValue static local function that has no depth limit, no circular reference detection, and no stack overflow guard. A Scriban template containing a self-referencing object passed to...
Scriban has Uncontrolled Recursion in `object.to_json` Causing Unrecoverable Process Crash via StackOverflowException
Summary The object.tojson builtin function in Scriban performs recursive JSON serialization via an internal WriteValue static local function that has no depth limit, no circular reference detection, and no stack overflow guard. A Scriban template containing a self-referencing object passed to...
Uncontrolled Recursion
Overview Scriban.Signed is a fast, powerful, safe and lightweight scripting language and engine for .NET, which was primarily developed for text templating with a compatibility mode for parsing liquid templates. Affected versions of this package are vulnerable to Uncontrolled Recursion in the...
Uncontrolled Recursion
Overview Scriban is a Scriban is a fast, powerful, safe and lightweight scripting language and engine for .NET, which was primarily developed for text templating with a compatibility mode for parsing liquid templates. Today, not only Scriban can be used in text templating scenarios, but also can ...
Uncontrolled Recursion
Overview Scriban is a Scriban is a fast, powerful, safe and lightweight scripting language and engine for .NET, which was primarily developed for text templating with a compatibility mode for parsing liquid templates. Today, not only Scriban can be used in text templating scenarios, but also can ...
Uncontrolled Recursion
Overview Scriban.Signed is a fast, powerful, safe and lightweight scripting language and engine for .NET, which was primarily developed for text templating with a compatibility mode for parsing liquid templates. Affected versions of this package are vulnerable to Uncontrolled Recursion through th...
Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in Apache Commons Lang (CVE-2025-48924)
Summary A vulnerability in Apache Commons Lang that is used by IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with...
CLSA-2026-1774366791 Fix CVE(s): CVE-2026-24484
SECURITY UPDATE: denial-of-service from nested multi-layer MVG-to-SVG conversions - debian/patches/CVE-2026-24484.patch: Throw VectorGraphicsNestedTooDeeply when vector-graphics nesting reaches MagickMaxRecursionDepth; fix crashes caused by unbounded nesting of graphic-context elements. -...
SUSE-SU-2026:20821-1 Security update for python-pyasn1
This update for python-pyasn1 fixes the following issue: - CVE-2026-30922: Denial of Service via Unbounded Recursion bsc1259803...
Denial Of Service (DoS)
github.com/expr-lang/expr is vulnerable to denial of service DoS. The vulnerability is due to missing recursion depth limits in certain builtin functions, which allows an attacker to supply deeply nested or cyclic data structures and trigger infinite recursion leading to stack overflow and...
ROS-20260324-73-0026
A vulnerability in the eventpoll component of the Linux kernel is related to uncontrolled recursion. Exploitation of the vulnerability allows an attacker to cause a denial of service...
cbor2 has a Denial of Service via Uncontrolled Recursion in cbor2.loads
Summary - The cbor2 library is vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding deeply nested CBOR structures. - This vulnerability affects both the pure Python implementation and the C extension cbor2. The C extension correctly uses Python's C-API for...
EUVD-2026-14478
cbor2 has a Denial of Service via Uncontrolled Recursion in cbor2.loads...
GHSA-3C37-WWVX-H642 cbor2 has a Denial of Service via Uncontrolled Recursion in cbor2.loads
Summary - The cbor2 library is vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding deeply nested CBOR structures. - This vulnerability affects both the pure Python implementation and the C extension cbor2. The C extension correctly uses Python's C-API for...
CVE-2026-26209
A flaw was found in cbor2, a library for encoding and decoding Concise Binary Object Representation CBOR data. A remote attacker can exploit this vulnerability by sending a specially crafted CBOR payload containing deeply nested structures. This can cause the application to crash due to...
CVE-2026-26209
cbor2 provides encoding and decoding for the Concise Binary Object Representation CBOR serialization format. Versions prior to 5.9.0 are vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding deeply nested CBOR structures. This vulnerability affects both the...
DEBIAN-CVE-2026-26209
cbor2 provides encoding and decoding for the Concise Binary Object Representation CBOR serialization format. Versions prior to 5.9.0 are vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding deeply nested CBOR structures. This vulnerability affects both the...