12 matches found
SUSE CVE-2011-4610
JBoss Web, as used in Red Hat JBoss Communications Platform before 5.1.3, Enterprise Web Platform before 5.1.2, Enterprise Application Platform before 5.1.2, and other products, allows remote attackers to cause a denial of service infinite loop via vectors related to a crafted UTF-8 and a...
SUSE CVE-2015-5380
The Utf8DecoderBase::WriteUtf16Slow function in unicode-decoder.cc in Google V8, as used in Node.js before 0.12.6, io.js before 1.8.3 and 2.x before 2.3.3, and other products, does not verify that there is memory available for a UTF-16 surrogate pair, which allows remote attackers to cause a deni...
CVE-2022-31116 Incorrect handling of invalid surrogate pair characters in ujson
UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Affected versions were found to improperly decode certain characters. JSON strings that contain escaped surrogate characters not part of a proper surrogate pair were decoded incorrectly. Besides corrupti...
Node.js 'V8 utf-8 decoder' DoS Vulnerability - Windows
Node.js is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nodejs:node.js";...
CVE-2015-5380
CVE-2015-5380 affects Google V8 (as used by Node.js and io.js) where Utf8DecoderBase::WriteUtf16Slow may not verify memory for a UTF-16 surrogate pair. This can enable a remote attacker to trigger denial of service via a crafted byte sequence, potentially causing memory corruption. Affected versi...
CVE-2011-4610
JBoss Web, as used in Red Hat JBoss Communications Platform before 5.1.3, Enterprise Web Platform before 5.1.2, Enterprise Application Platform before 5.1.2, and other products, allows remote attackers to cause a denial of service infinite loop via vectors related to a crafted UTF-8 and a...
JBoss Web remote denial of service when surrogate pair character is placed at buffer boundary
JBoss Web, as used in Red Hat JBoss Communications Platform before 5.1.3, Enterprise Web Platform before 5.1.2, Enterprise Application Platform before 5.1.2, and other products, allows remote attackers to cause a denial of service infinite loop via vectors related to a crafted UTF-8 and a...
JBoss Web remote denial of service when surrogate pair character is placed at buffer boundary
JBoss Web, as used in Red Hat JBoss Communications Platform before 5.1.3, Enterprise Web Platform before 5.1.2, Enterprise Application Platform before 5.1.2, and other products, allows remote attackers to cause a denial of service infinite loop via vectors related to a crafted UTF-8 and a...
JBoss Web remote denial of service when surrogate pair character is placed at buffer boundary
JBoss Web, as used in Red Hat JBoss Communications Platform before 5.1.3, Enterprise Web Platform before 5.1.2, Enterprise Application Platform before 5.1.2, and other products, allows remote attackers to cause a denial of service infinite loop via vectors related to a crafted UTF-8 and a...
JBoss Web remote denial of service when surrogate pair character is placed at buffer boundary
JBoss Web, as used in Red Hat JBoss Communications Platform before 5.1.3, Enterprise Web Platform before 5.1.2, Enterprise Application Platform before 5.1.2, and other products, allows remote attackers to cause a denial of service infinite loop via vectors related to a crafted UTF-8 and a...
JBoss Web remote denial of service when surrogate pair character is placed at buffer boundary
JBoss Web, as used in Red Hat JBoss Communications Platform before 5.1.3, Enterprise Web Platform before 5.1.2, Enterprise Application Platform before 5.1.2, and other products, allows remote attackers to cause a denial of service infinite loop via vectors related to a crafted UTF-8 and a...
JBoss Web remote denial of service when surrogate pair character is placed at buffer boundary
JBoss Web, as used in Red Hat JBoss Communications Platform before 5.1.3, Enterprise Web Platform before 5.1.2, Enterprise Application Platform before 5.1.2, and other products, allows remote attackers to cause a denial of service infinite loop via vectors related to a crafted UTF-8 and a...