Low: javapackages-bootstrap

Issue Overview: Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with commons-lang:commons-lang 2.0 to 2.6, and, from org.apache.commons:commons-lang3 3.0 before 3.18.0. The methods ClassUtils.getClass... can throw StackOverflowError on...

com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError

A nested data handling flaw was found in Jackson Core. When parsing particularly deeply nested data structures, a StackoverflowError can occur...

com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError

A nested data handling flaw was found in Jackson Core. When parsing particularly deeply nested data structures, a StackoverflowError can occur...

RHEL 9 : jackson-annotations, jackson-core, jackson-databind, jackson-jaxrs-providers, and jackson-modules-base (RHSA-2025:12282)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:12282 advisory. Core part of Jackson that defines Streaming API as well as basic shared abstractions. Security Fixes: com.fasterxml.jackson.core/jackson-core:...

com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError

A nested data handling flaw was found in Jackson Core. When parsing particularly deeply nested data structures, a StackoverflowError can occur...

com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError

A nested data handling flaw was found in Jackson Core. When parsing particularly deeply nested data structures, a StackoverflowError can occur...

com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError

A nested data handling flaw was found in Jackson Core. When parsing particularly deeply nested data structures, a StackoverflowError can occur...

UBUNTU-CVE-2025-52999

jackson-core contains core low-level incremental "streaming" parser and generator abstractions used by Jackson Data Processor. In versions prior to 2.15.0, if a user parses an input file and it has deeply nested data, Jackson could end up throwing a StackoverflowError if the depth is particularly...

com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError

A nested data handling flaw was found in Jackson Core. When parsing particularly deeply nested data structures, a StackoverflowError can occur...

PT-2024-7918 · Atlassian +1 · Bitbucket Data Center/Server +4

Name of the Vulnerable Software and Affected Versions: XStream versions prior to 1.4.21 Bitbucket Data Center and Server versions 8.6.0 through 8.19.0 Bitbucket Data Center and Server versions 9.0.0 through 9.4.0 Bitbucket Data Center and Server version 8.9.0 through 8.9.23 Bitbucket Data Center...

commons-configuration: StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree

A vulnerability was found in Apache Commons-Configuration2, where a Stack Overflow Error occurs when calling ListDelimiterHandler.flattenObject, int with a cyclical object tree. This issue could allow an attacker to trigger an out-of-bounds write that could lead to memory corruption or cause a...

commons-configuration: StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator()

A vulnerability was found in Apache Commons-Configuration2, where a Stack Overflow Error can occur when adding a property in AbstractListDelimiterHandler.flattenIterator. This issue could allow an attacker to corrupt memory or execute a denial of service attack by crafting malicious property that...

CVE-2024-29131

A vulnerability was found in Apache Commons-Configuration2, where a Stack Overflow Error can occur when adding a property in AbstractListDelimiterHandler.flattenIterator. This issue could allow an attacker to corrupt memory or execute a denial of service attack by crafting malicious property that...

CVE-2024-29133

A vulnerability was found in Apache Commons-Configuration2, where a Stack Overflow Error occurs when calling ListDelimiterHandler.flattenObject, int with a cyclical object tree. This issue could allow an attacker to trigger an out-of-bounds write that could lead to memory corruption or cause a...

GHSA-9W38-P64V-XPMV Apache Commons Configuration: StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree

This Out-of-bounds Write vulnerability in Apache Commons Configuration affects Apache Commons Configuration: from 2.0 before 2.10.1. User can see this as a 'StackOverflowError' calling 'ListDelimiterHandler.flattenObject, int' with a cyclical object tree. Users are recommended to upgrade to versi...

Stack Overflow

libsquashfs.so is vulnerable to Stack Overflow Error. The vulnerability is caused by an integer overflow in function readfragmenttable4 in a file unsquash-4.c while reading a return value from SQUASHFSFRAGMENTBYTES which can be larger than maximum value of a signed int. This can lead to applicati...

Denial Of Service (DOS)

The org.kopitubruk.util.JSONUtil library is vulnerable to Denial Of Service Attack DOS . The vulnerability is due to not restricting user supplied JSON to a maximum length causing Stack Overflow Error when the JSON is parsed leading to Denial Of Service DOS attack...

Denial Of Service (DOS)

The net.sf.sojo.sojo library is vulnerable to Denial Of Service Attack DOS . The vulnerability is due to not restricting user supplied JSON and CSV to a maximum length causing Stack Overflow Error/Out Of Memory -Heap Error when the input is parsed leading to Denial Of Service DOS attack...

Amazon Linux 2 : xstream (ALAS-2023-2007)

The version of xstream installed on the remote host is prior to 1.3.1-16. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2007 advisory. XStream serializes Java objects to XML and back again. Versions prior to 1.4.20 may allow a remote attacker to terminate the...

SUSE CVE-2022-41881

Netty project is an event-driven asynchronous network application framework. In versions prior to 4.1.86.Final, a StackOverflowError can be raised when parsing a malformed crafted message due to an infinite recursion. This issue is patched in version 4.1.86.Final. There is no workaround, except...