CWE-835
AllowedLoop with Unreachable Exit Condition ('Infinite Loop')
Abstraction: Base · Status: Incomplete
The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.
1057 vulnerabilities reference this CWE, most recent first.
GHSA-X43J-M68C-2QXF
Vulnerability from github – Published: 2022-05-24 19:17 – Updated: 2025-11-04 21:30TinyXML through 2.6.2 has an infinite loop in TiXmlParsingData::Stamp in tinyxmlparser.cpp via the TIXML_UTF_LEAD_0 case. It can be triggered by a crafted XML message and leads to a denial of service.
{
"affected": [],
"aliases": [
"CVE-2021-42260"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-10-11T20:15:00Z",
"severity": "HIGH"
},
"details": "TinyXML through 2.6.2 has an infinite loop in TiXmlParsingData::Stamp in tinyxmlparser.cpp via the TIXML_UTF_LEAD_0 case. It can be triggered by a crafted XML message and leads to a denial of service.",
"id": "GHSA-x43j-m68c-2qxf",
"modified": "2025-11-04T21:30:26Z",
"published": "2022-05-24T19:17:08Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-42260"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00019.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00041.html"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QCR5PIOBGDIDS6SYRESTMDJSEDFSCOE"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HOMBSHRIW5Q34SQSXYURYAOYDZD2NQF6"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4QCR5PIOBGDIDS6SYRESTMDJSEDFSCOE"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HOMBSHRIW5Q34SQSXYURYAOYDZD2NQF6"
},
{
"type": "WEB",
"url": "https://sourceforge.net/p/tinyxml/bugs/141"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-X4FC-X944-V9P7
Vulnerability from github – Published: 2022-03-03 00:00 – Updated: 2022-03-17 00:04A flaw was found in the way HAProxy processed HTTP responses containing the "Set-Cookie2" header. This flaw could allow an attacker to send crafted HTTP response packets which lead to an infinite loop, eventually resulting in a denial of service condition. The highest threat from this vulnerability is availability.
{
"affected": [],
"aliases": [
"CVE-2022-0711"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-03-02T22:15:00Z",
"severity": "HIGH"
},
"details": "A flaw was found in the way HAProxy processed HTTP responses containing the \"Set-Cookie2\" header. This flaw could allow an attacker to send crafted HTTP response packets which lead to an infinite loop, eventually resulting in a denial of service condition. The highest threat from this vulnerability is availability.",
"id": "GHSA-x4fc-x944-v9p7",
"modified": "2022-03-17T00:04:06Z",
"published": "2022-03-03T00:00:47Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0711"
},
{
"type": "WEB",
"url": "https://github.com/haproxy/haproxy/commit/bfb15ab34ead85f64cd6da0e9fb418c9cd14cee8"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/cve-2022-0711"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2022/dsa-5102"
},
{
"type": "WEB",
"url": "https://www.mail-archive.com/haproxy@formilux.org/msg41833.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-X5VR-48JX-H8WP
Vulnerability from github – Published: 2023-02-07 21:30 – Updated: 2023-02-16 15:30A flaw was found in libXpm. This issue occurs when parsing a file with a comment not closed; the end-of-file condition will not be detected, leading to an infinite loop and resulting in a Denial of Service in the application linked to the library.
{
"affected": [],
"aliases": [
"CVE-2022-46285"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-02-07T19:15:00Z",
"severity": "HIGH"
},
"details": "A flaw was found in libXpm. This issue occurs when parsing a file with a comment not closed; the end-of-file condition will not be detected, leading to an infinite loop and resulting in a Denial of Service in the application linked to the library.",
"id": "GHSA-x5vr-48jx-h8wp",
"modified": "2023-02-16T15:30:30Z",
"published": "2023-02-07T21:30:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46285"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160092"
},
{
"type": "WEB",
"url": "https://gitlab.freedesktop.org/xorg/lib/libxpm/-/commit/a3a7c6dcc3b629d7650148"
},
{
"type": "WEB",
"url": "https://gitlab.freedesktop.org/xorg/lib/libxpm/-/merge_requests/9"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00021.html"
},
{
"type": "WEB",
"url": "https://lists.x.org/archives/xorg-announce/2023-January/003312.html"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2023/10/03/1"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2023/10/03/10"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-X76G-P4RM-4XCH
Vulnerability from github – Published: 2022-05-24 19:18 – Updated: 2022-05-24 19:18An issue was discovered in stb stb_image.h 1.33 through 2.27. The HDR loader parsed truncated end-of-file RLE scanlines as an infinite sequence of zero-length runs. An attacker could potentially have caused denial of service in applications using stb_image by submitting crafted HDR files.
{
"affected": [],
"aliases": [
"CVE-2021-42715"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-10-21T19:15:00Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in stb stb_image.h 1.33 through 2.27. The HDR loader parsed truncated end-of-file RLE scanlines as an infinite sequence of zero-length runs. An attacker could potentially have caused denial of service in applications using stb_image by submitting crafted HDR files.",
"id": "GHSA-x76g-p4rm-4xch",
"modified": "2022-05-24T19:18:26Z",
"published": "2022-05-24T19:18:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-42715"
},
{
"type": "WEB",
"url": "https://github.com/nothings/stb/issues/1224"
},
{
"type": "WEB",
"url": "https://github.com/nothings/stb/pull/1223"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00045.html"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3TDGZFLBOP27LZKLH45WQLSNPSPP7S7Z"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AF2CNP4FVC6LDKNOO4WDCGNDYIP3MPK6"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BEGXBDEMTFGINETMJENBZ6SCHVEJQJSY"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CI23LXPEV2GCDQTJSKO6CIILBDTI3R42"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTZXHFZD36BGE5P6JF252NZZLKMGCY4T"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G2M5CRSGPRF7G3YB5CLU4FXW7ANNHAYT"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ID6II3RIKAMVGVMC6ZAQIXXYYDMTVC4N"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXX76TJMZBPN3NU542MGN6B7C7QHRFGB"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VP2YEXEAJWI76FPM7D7VXHWD3WESQEYC"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-X78Q-89F4-5W3C
Vulnerability from github – Published: 2022-05-13 01:47 – Updated: 2025-04-20 03:36In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the BGP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-bgp.c by using a different integer data type.
{
"affected": [],
"aliases": [
"CVE-2017-7701"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-04-12T23:59:00Z",
"severity": "HIGH"
},
"details": "In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the BGP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-bgp.c by using a different integer data type.",
"id": "GHSA-x78q-89f4-5w3c",
"modified": "2025-04-20T03:36:01Z",
"published": "2022-05-13T01:47:05Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7701"
},
{
"type": "WEB",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13557"
},
{
"type": "WEB",
"url": "https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=fa31f69b407436d0946f84baa0acdcc50962bf7a"
},
{
"type": "WEB",
"url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=fa31f69b407436d0946f84baa0acdcc50962bf7a"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201706-12"
},
{
"type": "WEB",
"url": "https://www.wireshark.org/security/wnpa-sec-2017-16.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/97632"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1038262"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-X7VR-C387-8W57
Vulnerability from github – Published: 2021-08-25 21:01 – Updated: 2023-06-13 18:21HeaderMap::reserve() used usize::next_power_of_two() to calculate the increased capacity. However, next_power_of_two() silently overflows to 0 if given a sufficiently large number in release mode.
If the map was not empty when the overflow happens, the library will invoke self.grow(0) and start infinite probing. This allows an attacker who controls the argument to reserve() to cause a potential denial of service (DoS).
The flaw was corrected in 0.1.20 release of http crate.
{
"affected": [
{
"package": {
"ecosystem": "crates.io",
"name": "http"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.1.20"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2020-25574"
],
"database_specific": {
"cwe_ids": [
"CWE-190",
"CWE-835"
],
"github_reviewed": true,
"github_reviewed_at": "2021-07-26T18:47:31Z",
"nvd_published_at": "2020-09-14T19:15:00Z",
"severity": "HIGH"
},
"details": "HeaderMap::reserve() used usize::next_power_of_two() to calculate the increased capacity. However, next_power_of_two() silently overflows to 0 if given a sufficiently large number in release mode.\n\nIf the map was not empty when the overflow happens, the library will invoke self.grow(0) and start infinite probing. This allows an attacker who controls the argument to reserve() to cause a potential denial of service (DoS).\n\nThe flaw was corrected in 0.1.20 release of http crate.",
"id": "GHSA-x7vr-c387-8w57",
"modified": "2023-06-13T18:21:10Z",
"published": "2021-08-25T21:01:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25574"
},
{
"type": "WEB",
"url": "https://github.com/hyperium/http/issues/352"
},
{
"type": "PACKAGE",
"url": "https://github.com/hyperium/http"
},
{
"type": "WEB",
"url": "https://rustsec.org/advisories/RUSTSEC-2019-0033.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "Integer Overflow/Infinite Loop in the http crate"
}
GHSA-X8GX-VM44-MV77
Vulnerability from github – Published: 2022-11-15 12:00 – Updated: 2022-11-18 06:30Transient DOS due to loop with unreachable exit condition in WLAN firmware while parsing IPV6 extension header. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
{
"affected": [],
"aliases": [
"CVE-2022-33239"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-11-15T10:15:00Z",
"severity": "HIGH"
},
"details": "Transient DOS due to loop with unreachable exit condition in WLAN firmware while parsing IPV6 extension header. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking",
"id": "GHSA-x8gx-vm44-mv77",
"modified": "2022-11-18T06:30:28Z",
"published": "2022-11-15T12:00:15Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-33239"
},
{
"type": "WEB",
"url": "https://www.qualcomm.com/company/product-security/bulletins/november-2022-bulletin"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-X8W5-J8FH-HPVP
Vulnerability from github – Published: 2026-03-07 09:30 – Updated: 2026-03-09 15:30It was discovered that dpkg-deb (a component of dpkg, the Debian package management system) does not properly validate the end of the data stream when uncompressing a zstd-compressed .deb archive, which may result in denial of service (infinite loop spinning the CPU).
{
"affected": [],
"aliases": [
"CVE-2026-2219"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-03-07T09:16:07Z",
"severity": "HIGH"
},
"details": "It was discovered that dpkg-deb (a component of dpkg, the Debian package management system) does not properly validate the end of the data stream when uncompressing a zstd-compressed .deb archive, which may result in denial of service (infinite loop spinning the CPU).",
"id": "GHSA-x8w5-j8fh-hpvp",
"modified": "2026-03-09T15:30:43Z",
"published": "2026-03-07T09:30:15Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2219"
},
{
"type": "WEB",
"url": "https://bugs.debian.org/1129722"
},
{
"type": "WEB",
"url": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=6610297a62c0780dd0e80b0e302ef64fdcc9d313"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-X9MM-6GPF-F749
Vulnerability from github – Published: 2022-05-17 03:00 – Updated: 2022-07-06 20:59HSLFSlideShow in Apache POI before 3.11 allows remote attackers to cause a denial of service (infinite loop and deadlock) via a crafted PPT file.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.poi:poi"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.11"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2014-9527"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": true,
"github_reviewed_at": "2022-07-06T20:59:38Z",
"nvd_published_at": "2015-01-06T15:59:00Z",
"severity": "MODERATE"
},
"details": "HSLFSlideShow in Apache POI before 3.11 allows remote attackers to cause a denial of service (infinite loop and deadlock) via a crafted PPT file.",
"id": "GHSA-x9mm-6gpf-f749",
"modified": "2022-07-06T20:59:38Z",
"published": "2022-05-17T03:00:44Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-9527"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2016:1135"
},
{
"type": "WEB",
"url": "https://issues.apache.org/bugzilla/show_bug.cgi?id=57272"
},
{
"type": "WEB",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150228.html"
},
{
"type": "WEB",
"url": "http://poi.apache.org/changes.html"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/61953"
},
{
"type": "WEB",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21996759"
}
],
"schema_version": "1.4.0",
"severity": [],
"summary": "Loop with Unreachable Exit Condition in Apache POI"
}
GHSA-XC76-5PF9-MX8M
Vulnerability from github – Published: 2025-03-14 17:31 – Updated: 2025-03-15 20:47Impact
Calling setTimer in Azle versions 0.27.0, 0.28.0, and 0.29.0 causes an immediate infinite loop of timers to be executed on the canister, each timer attempting to clean up the global state of the previous timer.
The infinite loop will occur with any valid invocation of setTimer.
Patches
The problem has been fixed as of Azle version 0.30.0.
Workarounds
If a canister is caught in this infinite loop after calling setTimer, the canister can be upgraded and the timers will all be cleared, thus ending the loop.
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "azle"
},
"ranges": [
{
"events": [
{
"introduced": "0.27.0"
},
{
"fixed": "0.30.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-29776"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": true,
"github_reviewed_at": "2025-03-14T17:31:07Z",
"nvd_published_at": "2025-03-14T14:15:18Z",
"severity": "HIGH"
},
"details": "### Impact\n\nCalling `setTimer` in Azle versions `0.27.0`, `0.28.0`, and `0.29.0` causes an immediate infinite loop of timers to be executed on the canister, each timer attempting to clean up the global state of the previous timer.\n\nThe infinite loop will occur with any valid invocation of `setTimer`.\n\n### Patches\n\nThe problem has been fixed as of Azle version `0.30.0`.\n\n### Workarounds\n\nIf a canister is caught in this infinite loop after calling `setTimer`, the canister can be upgraded and the timers will all be cleared, thus ending the loop.",
"id": "GHSA-xc76-5pf9-mx8m",
"modified": "2025-03-15T20:47:15Z",
"published": "2025-03-14T17:31:07Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/demergent-labs/azle/security/advisories/GHSA-xc76-5pf9-mx8m"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-29776"
},
{
"type": "PACKAGE",
"url": "https://github.com/demergent-labs/azle"
},
{
"type": "WEB",
"url": "https://github.com/demergent-labs/azle/releases/tag/0.30.0"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L",
"type": "CVSS_V4"
}
],
"summary": "In Azle, calling `setTimer` causes infinite loop of timers"
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.