
6 matches found

Snyk
added 2024/08/22 4:40 p.m., 1 view

Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')

Overview: rexml is an XML toolkit for Ruby. Affected versions of this package are vulnerable to Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') via tree parser APIs like the REXML::Document.new function. An attacker can cause the application to consume excessive...

CVSS: 8.2, AI score: 6.8, EPSS: 0.01167
Exploits: 0, References: 2
OSV
added 2023/02/08 12:35 a.m., 66 views

GHSA-74FP-R6JW-H4MP Kubernetes apimachinery packages vulnerable to unbounded recursion in JSON or YAML parsing

CVE-2019-11253 is a denial of service vulnerability in the kube-apiserver, allowing authorized users sending malicious YAML or JSON payloads to cause kube-apiserver to consume excessive CPU or memory, potentially crashing and becoming unavailable. When creating a ConfigMap object which has...

CVSS: 7.5, AI score: 7.4, EPSS: 0.84511
Exploits: 2, References: 8
RedHat Linux
added 2016/11/15 11:40 a.m., 1 view

pcre: infinite recursion compiling pattern with recursive reference in a group with indefinite repeat (8.36/20)

PCRE before 8.36 mishandles the /?Ra|?1+/ pattern and related patterns with certain recursion, which allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object...

CVSS: 7.5, AI score: 7.4, EPSS: 0.02714
Exploits: 1, References: 4
OSV
added 2015/12/02 1:59 a.m., 1 view

DEBIAN-CVE-2015-2327

PCRE before 8.36 mishandles the /a\2|a\g/ pattern and related patterns with certain internal recursive back references, which allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a...

CVSS: 7.5, AI score: 8.7, EPSS: 0.02821
Exploits: 1, References: 1
OSV
added 2007/12/18 8:46 p.m., 4 views

CVE-2007-6356

exiftags before 1.01 allows attackers to cause a denial of service (infinite loop) via recursive IFD references in the EXIF data in a JPEG image...

AI score: 6.1
Exploits: 0, References: 9
OSV
added 2007/12/18 8:46 p.m., 1 view

DEBIAN-CVE-2007-6356

exiftags before 1.01 allows attackers to cause a denial of service (infinite loop) via recursive IFD references in the EXIF data in a JPEG image...

CVSS: 5, AI score: 6.7, EPSS: 0.01139
Exploits: 0, References: 1