Astra Linux - уязвимость в netcdf

An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxmlentok mishandles recursion, leading to stack consumption for a crafted XML file...

Astra Linux - уязвимость в binutils

An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption problem caused by the cplusdemangletype function making recursive calls to itself in certain scenarios involving many 'P' characters...

OESA-2026-2188 uriparser security update

The package is a strictly RFC 3986 compliant URI parsing library written in C89"ANSI C". uriparser is cross-platform, fast, supports Unicode and is licensed under the New BSD license. There are a number of applications, libraries and hardware using uriparser, as well as bindings and 3rd-party...

JLSEC-2026-304

HDF5 Library through 1.14.3 allows stack consumption in the function H5Eprintfstack in H5Eint.c...

OESA-2026-2089 gcc security update

The gcc package contains the GNU Compiler Collection version 14. Security Fixes: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangleconst, as demonstrated by nm-new.CVE-2022-27943...

Security update for uriparser

This update for uriparser fixes the following issues: CVE-2025-67899: large input containing many commas can cause unbounded recursion and stack consumption bsc1255000. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...

SUSE-SU-2026:0444-1 Security update for uriparser

This update for uriparser fixes the following issues: - CVE-2025-67899: large input containing many commas can cause unbounded recursion and stack consumption bsc1255000...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000889)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000889 advisory. Stack consumption vulnerability in the parserockridgeinodeinternal function in fs/isofs/rock.c in the Linux kernel through 3.16.1 allows local users to cause a denia...

MiracleLinux 3 : dbus-1.1.2-15.AXS3 (AXSA:2011-108:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2011-108:01 advisory. D-BUS is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messagin...

CVE-2021-41737

In Faust 2.23.1, an input file with the lines "// r visualisation tCst" and "//process = +: L: abM-^Q;" and "process = route3333333333333333333,2,1,2,3,1 : ;" leads to stack consumption...

CVE-2019-20016

libmysofa before 2019-11-24 does not properly restrict recursive function calls, as demonstrated by reports of stack consumption in readOHDRHeaderMessageDatatype in dataobject.c and directblockRead in fractalhead.c. NOTE: a download of v0.9 after 2019-12-06 should fully remediate this issue...

CVE-2020-24345

JerryScript through 2.3.0 allows stack consumption via function anew new Proxya,JSON.parse"",a. NOTE: the vendor states that the problem is the lack of the --stack-limit option...

Uncontrolled Recursion

Overview Affected versions of this package are vulnerable to Uncontrolled Recursion via the ParseMustBeSegmentNzNc function when processing large input containing many commas. An attacker can cause excessive stack consumption and application crash by supplying specially crafted input. Remediation...

CVE-2025-67899

uriparser through 0.9.9 allows unbounded recursion and stack consumption, as demonstrated by ParseMustBeSegmentNzNc with large input containing many commas...

CVE-2025-67899

uriparser through 0.9.9 allows unbounded recursion and stack consumption, as demonstrated by ParseMustBeSegmentNzNc with large input containing many commas...

Uriparser 安全漏洞

Uriparser is a strictly Rfc 3986 compliant Uri parsing and processing library written in C89. A security vulnerability exists in Uriparser version 0.9.9 and earlier, which stems from allowing infinite recursion and stack consumption...

OESA-2025-2484 poppler security update

is a PDF rendering library. Security Fixes: Poppler 24.06.1 through 25.x before 25.04.0 allows stack consumption and a SIGSEGV via deeply nested structures within the metadata such as GTSPDFEVersion of a PDF document, e.g., a regular expression for a long pdfsubver string. This occurs in...

OESA-2025-2481 poppler security update

is a PDF rendering library. Security Fixes: Poppler 24.06.1 through 25.x before 25.04.0 allows stack consumption and a SIGSEGV via deeply nested structures within the metadata such as GTSPDFEVersion of a PDF document, e.g., a regular expression for a long pdfsubver string. This occurs in...

OESA-2025-2480 poppler security update

is a PDF rendering library. Security Fixes: Poppler 24.06.1 through 25.x before 25.04.0 allows stack consumption and a SIGSEGV via deeply nested structures within the metadata such as GTSPDFEVersion of a PDF document, e.g., a regular expression for a long pdfsubver string. This occurs in...

OESA-2025-2479 poppler security update

is a PDF rendering library. Security Fixes: Poppler 24.06.1 through 25.x before 25.04.0 allows stack consumption and a SIGSEGV via deeply nested structures within the metadata such as GTSPDFEVersion of a PDF document, e.g., a regular expression for a long pdfsubver string. This occurs in...