Lucene search
+L

57 matches found

cvelist
cvelist
added 2026/06/23 9:0 p.m.35 views

CVE-2026-50193 jackson-databind: Deeply nested JsonNode throws StackOverflowError for toString()

jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.13.0 until 2.14.0, a potential Denial-of-Service exists when attacker sends deeply nested JSON if and only if the service reads deeply nested 1000s of levels JSON as JsonNode...

6.3CVSS0.00616EPSS
Exploits1References3
astralinux
astralinux
added 2026/05/20 5:53 a.m.11 views

Astra Linux – Vulnerability in libjettison-java

An infinite recursion occurs in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This results in a StackOverflowError exception being thrown...

7.5CVSS6.7AI score0.01009EPSS
Exploits1References2
nvd
nvd
added 2026/05/14 12:16 p.m.49 views

CVE-2026-45205

Uncontrolled Recursion vulnerability in Apache Commons. When processing an untrusted configuration file, Commons Configuration will throw a StackOverflowError for YAML input with cycles. This issue affects Apache Commons: from 2.2 before 2.15.0. Users are recommended to upgrade to version 2.15.0,...

5.3CVSS0.00487EPSS
Exploits0References3
osv
osv
added 2026/05/14 12:16 p.m.8 views

UBUNTU-CVE-2026-45205

Uncontrolled Recursion vulnerability in Apache Commons. When processing an untrusted configuration file, Commons Configuration will throw a StackOverflowError for YAML input with cycles. This issue affects Apache Commons: from 2.2 before 2.15.0. Users are recommended to upgrade to version 2.15.0,...

5.3CVSS5.8AI score0.00487EPSS
Exploits0References7
vulnrichment
vulnrichment
added 2026/05/14 11:22 a.m.8 views

CVE-2026-45205 Apache Commons Configuration: StackOverflowError for YAML input with cycles

Uncontrolled Recursion vulnerability in Apache Commons. When processing an untrusted configuration file, Commons Configuration will throw a StackOverflowError for YAML input with cycles. This issue affects Apache Commons: from 2.2 before 2.15.0. Users are recommended to upgrade to version 2.15.0,...

5.8AI score0.00487EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/05/14 12:0 a.m.18 views

PT-2026-40906

Name of the Vulnerable Software and Affected Versions Apache Commons versions 2.2 through 2.14.x Description An uncontrolled recursion issue exists when processing untrusted configuration files. Specifically, the software throws a StackOverflowError—a runtime error that occurs when the call stack...

5.3CVSS5.8AI score0.00487EPSS
Exploits0References25
ibm
ibm
added 2026/03/19 1:32 p.m.5 views

Security Bulletin: IBM Datapower Operations Dashboard is vulnerable to a StackOverflowError CVE-2025-48924

Summary Apache Commons is used by the IBM Datapower Operations Dashboard in their Java components utility operations Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with...

5.3CVSS5.8AI score0.02164EPSS
Exploits0Affected Software1
redhat
redhat
added 2026/03/18 1:54 p.m.11 views

com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError

A nested data handling flaw was found in Jackson Core. When parsing particularly deeply nested data structures, a StackoverflowError can occur...

8.7CVSS6.8AI score0.00634EPSS
Exploits0References6
redhat
redhat
added 2026/03/18 1:17 p.m.10 views

com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError

A nested data handling flaw was found in Jackson Core. When parsing particularly deeply nested data structures, a StackoverflowError can occur...

8.7CVSS6.8AI score0.00634EPSS
Exploits0References6
ibm
ibm
added 2026/02/02 5:24 p.m.8 views

Security Bulletin: Security vulnerability in Apache Commons Lang may affect IBM Business Automation Workflow - CVE-2025-48924

Summary IBM Business Automation Workflow packages a vulnerable copy of the Apache Commons Lang open source library. Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with...

5.3CVSS6.4AI score0.02164EPSS
Exploits0Affected Software2
redhat
redhat
added 2025/12/16 11:13 p.m.2 views

commons-lang/commons-lang: org.apache.commons/commons-lang3: Uncontrolled Recursion vulnerability in Apache Commons Lang

An uncontrolled recursion flaw was found in the Apache Commons Lang library. The ClassUtils.getClass... method can throw a StackOverflowError on very long inputs. Since this error is typically not handled by applications and libraries, a StackOverflowError may lead to the termination of an...

5.3CVSS7.1AI score0.02164EPSS
Exploits0References5
osv
osv
added 2025/11/15 7:11 a.m.5 views

MGASA-2025-0293 Updated apache-commons-lang3 & apache-commons-lang packages fix security vulnerability

Apache Commons Lang, Apache Commons Lang: ClassUtils.getClass... can throw a StackOverflowError on very long inputs. CVE-2025-48924...

5.3CVSS6.9AI score0.02164EPSS
Exploits0References3
mageia
mageia
added 2025/11/15 7:11 a.m.7 views

Updated apache-commons-lang3 & apache-commons-lang packages fix security vulnerability

Apache Commons Lang, Apache Commons Lang: ClassUtils.getClass... can throw a StackOverflowError on very long inputs. CVE-2025-48924...

5.3CVSS6.5AI score0.02164EPSS
Exploits0References2
euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-0601

Malware in sbrugna...

7.5CVSS7.5AI score0.01103EPSS
Exploits0References4
redhat
redhat
added 2025/09/11 7:39 p.m.4 views

com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError

A nested data handling flaw was found in Jackson Core. When parsing particularly deeply nested data structures, a StackoverflowError can occur...

8.7CVSS7.1AI score0.00634EPSS
Exploits0References6
mscve
mscve
added 2025/09/04 5:42 a.m.7 views

Apache Commons Lang, Apache Commons Lang: ClassUtils.getClass(...) can throw a StackOverflowError on very long inputs

...

5.3CVSS7.7AI score0.02164EPSS
Exploits0
redhat
redhat
added 2025/08/20 12:22 a.m.8 views

com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError

A nested data handling flaw was found in Jackson Core. When parsing particularly deeply nested data structures, a StackoverflowError can occur...

8.7CVSS7.1AI score0.00634EPSS
Exploits0References6
redhat
redhat
added 2025/08/20 12:18 a.m.3 views

com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError

A nested data handling flaw was found in Jackson Core. When parsing particularly deeply nested data structures, a StackoverflowError can occur...

8.7CVSS7.1AI score0.00634EPSS
Exploits0References6
osv
osv
added 2025/08/20 12:0 a.m.3 views

ALSA-2025:14126 Important: pki-deps:10.6 security update

The Public Key Infrastructure PKI Core contains fundamental packages required by AlmaLinux Certificate System. Security Fixes: com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError CVE-2025-52999 For more details about the security issues, including the impact, a CVSS...

8.7CVSS7.1AI score0.00634EPSS
Exploits0References4
nessus
nessus
added 2025/08/20 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2022-41881

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Netty project is an event-driven asynchronous network application framework. In versions prior to 4.1.86.Final, a StackOverflowError can be raised when parsing ...

7.5CVSS6.6AI score0.01466EPSS
Exploits1References2
Rows per page
Query Builder