GHSA-62HF-57XW-28J9 Axios: unbounded recursion in toFormData causes DoS via deeply nested request data

Summary toFormData recursively walks nested objects with no depth limit, so a deeply nested value passed as request data crashes the Node.js process with a RangeError. Details lib/helpers/toFormData.js:210 defines an inner buildvalue, path that recurses into every object/array child line 225:...

PT-2026-28167

Name of the Vulnerable Software and Affected Versions yaml versions prior to 1.10.3 yaml versions prior to 2.8.3 Description The yaml library is susceptible to a stack overflow when parsing YAML documents. The issue occurs during the node resolution/composition phase, which uses recursive functio...

CVE-2026-32933 AutoMapper Vulnerable to Denial of Service (DoS) via Uncontrolled Recursion

AutoMapper is a convention-based object-object mapper in .NET. Versions prior to 15.1.1 and 16.1.1 are vulnerable to a Denial of Service DoS attack. When mapping deeply nested object graphs, the library uses recursive method calls without enforcing a default maximum depth limit. This allows an...

BIT-MONGODB-2026-1849 Mongod can run out of stack memory when expressions create deeply nested documents

MongoDB Server may experience an out-of-memory failure while evaluating expressions that produce deeply nested documents. The issue arises in recursive functions because the server does not periodically check the depth of the expression...

CVE-2026-1849

MongoDB Server may experience an out-of-memory failure while evaluating expressions that produce deeply nested documents. The issue arises in recursive functions because the server does not periodically check the depth of the expression...

SUSE CVE-2025-71161

In the Linux kernel, the following vulnerability has been resolved: dm-verity: disable recursive forward error correction There are two problems with the recursive correction: 1. It may cause denial-of-service. In fecreadbufs, there is a loop that has 253 iterations. For each iteration, we may ca...

SUSE-SU-2018:2158-1 Security update for ovmf

This update for ovmf provide the following fix: Security issues fixed: - CVE-2018-0739: Update openssl to 1.0.2o to limit ASN.1 constructed types recursive definition depth bsc1094290, bsc1094291. Bug fixes: - Only use SLES-UEFI-CA-Certificate-2048.crt for the SUSE flavor to provide the better...

Fedora 8 : rb_libtorrent-0.12-3.fc8 (2008-1198)

A potential remote exploit was found in the bdecoderecursive routine that could trigger a stack overflow when passed malformed message data. This release adds a fix for this issue from the upstream subversion repository that limits the maximum recursive depth of this function. Note that Tenable...