Lucene search
K

12 matches found

NVD
NVD
added 4 days ago9 views

CVE-2026-38970

pdfcpu through v0.11.1 contains an uncontrolled-recursion denial-of-service issue in pkg/pdfcpu/model/parse.go. The parser descends recursively through nested PDF objects, including arrays, via ParseObjectContext and parseArray without enforcing a maximum nesting depth...

7.5CVSS0.00173EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in json-smart

Json-smart is a performance-oriented JSON processor library. When encountering a ‘’ or ‘’ character in the JSON input, the code parses an array or an object respectively. It was discovered that the code does not have any limitations regarding the nesting of such arrays or objects. Since the parsi...

7.5CVSS6.7AI score0.01119EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.17 views

PT-2026-47611

Name of the Vulnerable Software and Affected Versions netty-transport-sctp versions prior to 4.1.135.Final netty-transport-sctp versions prior to 4.2.15.Final Description Netty is a network application framework for developing protocol servers and clients. A flaw exists where the handler processe...

7.5CVSS5.2AI score0.00371EPSS
Exploits0References26
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.11 views

protobuf.js 安全漏洞

protobuf.js is an open-source implementation of the Protocol Buffer library, written entirely in JavaScript. It supports protocols for Node.js and browsers using TypeScript. It’s easy to use, extremely fast, and can be used out of the box with.proto files. Versions prior to 7.5.8 and 8.2.0 of...

7.5CVSS5.8AI score0.00263EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2023/06/15 12:17 a.m.5 views

json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)

A flaw was found in the json-smart package. This security flaw occurs when reaching a ‘‘ or ‘‘ character in the JSON input, and the code parses an array or an object, respectively. The 3PP does not have any limit to the nesting of such arrays or objects. Since nested arrays and objects are parsed...

7.5CVSS6.9AI score0.01119EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2023/05/17 3:49 p.m.8 views

json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)

A flaw was found in the json-smart package. This security flaw occurs when reaching a ‘‘ or ‘‘ character in the JSON input, and the code parses an array or an object, respectively. The 3PP does not have any limit to the nesting of such arrays or objects. Since nested arrays and objects are parsed...

7.5CVSS6.9AI score0.01119EPSS
Exploits1References6
OSV
OSV
added 2023/03/22 6:15 a.m.1 views

DEBIAN-CVE-2023-1370

Json-smart is a performance focused, JSON processor lib. When reaching a ‘‘ or ‘‘ character in the JSON input, the code parses an array or an object respectively. It was discovered that the code does not have any limit to the nesting of such arrays or objects. Since the parsing of nested arrays a...

7.5CVSS6.4AI score0.01119EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/08/30 12:0 a.m.6 views

SnakeYAML 资源管理错误漏洞

SnakeYAML is a Java-based YAML parser. A security vulnerability exists in SnakeYAML 1.31 and earlier versions, which stems from a denial of service DoS issue due to the lack of a nesting depth limit for collections...

7.5CVSS8.9AI score0.02191EPSS
Exploits2References27
OSV
OSV
added 2022/08/24 5:15 a.m.3 views

CVE-2022-25903

The package opcua from 0.0.0 are vulnerable to Denial of Service DoS via the ExtensionObjects and Variants objects, when it allows unlimited nesting levels, which could result in a stack overflow even if the message size is less than the maximum allowed...

7.5CVSS5.8AI score0.01114EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/08/24 5:0 a.m.3 views

CVE-2022-25903

The package opcua from 0.0.0 are vulnerable to Denial of Service DoS via the ExtensionObjects and Variants objects, when it allows unlimited nesting levels, which could result in a stack overflow even if the message size is less than the maximum allowed...

7.5CVSS7.1AI score0.01114EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2022/08/24 12:0 a.m.6 views

PT-2022-17596 · Opcua · Opcua

Name of the Vulnerable Software and Affected Versions: opcua versions 0.0.0 through 0.11.0 Description: The issue allows for Denial of Service DoS via the ExtensionObjects and Variants objects. This occurs because the package allows unlimited nesting levels, which could result in a stack overflow...

7.5CVSS7.6AI score0.01114EPSS
Exploits0References8
Snyk
Snyk
added 2022/08/22 2:56 p.m.4 views

Denial of Service (DoS)

Overview opcua is an OPC UA server / client API implementation for Rust. Affected versions of this package are vulnerable to Denial of Service DoS via the ExtensionObjects and Variants objects, when it allows unlimited nesting levels, which could result in a stack overflow even if the message siz...

7.5CVSS7.4AI score0.01114EPSS
Exploits0References2
Rows per page
Query Builder