Common Weakness Enumeration

CWE-835

Allowed

Loop with Unreachable Exit Condition ('Infinite Loop')

Abstraction: Base · Status: Incomplete

The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

1060 vulnerabilities reference this CWE, most recent first.

GHSA-7553-JR98-VX47

Vulnerability from github – Published: 2020-02-24 19:12 – Updated: 2022-04-22 17:29
VLAI
Summary
libxml as used in Nokogiri has an infinite loop in a certain end-of-file situation
Details

xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation. The Nokogiri RubyGem has patched its vendored copy of libxml2 in order to prevent this issue from affecting nokogiri.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "RubyGems",
        "name": "nokogiri"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.10.8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2020-7595"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2020-02-18T18:58:16Z",
    "nvd_published_at": "2020-01-21T23:15:00Z",
    "severity": "HIGH"
  },
  "details": "xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation.\nThe Nokogiri RubyGem has patched its vendored copy of libxml2 in order to prevent this issue from affecting nokogiri.",
  "id": "GHSA-7553-jr98-vx47",
  "modified": "2022-04-22T17:29:45Z",
  "published": "2020-02-24T19:12:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7595"
    },
    {
      "type": "WEB",
      "url": "https://github.com/sparklemotion/nokogiri/issues/1992"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/4274-1"
    },
    {
      "type": "WEB",
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-08"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20200702-0005"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202010-04"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.gnome.org/GNOME/libxml2/commit/0e1a49c89076"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/sparklemotion/nokogiri"
    },
    {
      "type": "WEB",
      "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2020-7595.yml"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-292794.pdf"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00047.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "libxml as used in Nokogiri has an infinite loop in a certain end-of-file situation"
}

GHSA-75G5-8M23-8X6W

Vulnerability from github – Published: 2025-07-08 03:30 – Updated: 2025-07-08 03:30
VLAI
Details

SAP NetWeaver Business Warehouse CCAW application allows a privileged attacker to cause a high CPU load by executing a RFC enabled function modules without any input parameters, which results in reduced performance or interrupted operation of the affected resource. This leads to low impact on availability of the application, there is no impact on confidentiality and integrity.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-42954"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-07-08T01:15:22Z",
    "severity": "LOW"
  },
  "details": "SAP NetWeaver Business Warehouse CCAW application allows a privileged attacker to cause a high CPU load by executing a RFC enabled function modules without any input parameters, which results in reduced performance or interrupted operation of the affected resource. This leads to low impact on availability of the application, there is no impact on confidentiality and integrity.",
  "id": "GHSA-75g5-8m23-8x6w",
  "modified": "2025-07-08T03:30:59Z",
  "published": "2025-07-08T03:30:59Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-42954"
    },
    {
      "type": "WEB",
      "url": "https://me.sap.com/notes/3608156"
    },
    {
      "type": "WEB",
      "url": "https://url.sap/sapsecuritypatchday"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-773G-X274-8QMF

Vulnerability from github – Published: 2023-06-07 16:05 – Updated: 2023-06-07 16:05
VLAI
Summary
SwiftNIO Extras vulnerable to improper detection of complete HTTP body decompression
Details

SwiftNIO Extras provides a pair of helpers for transparently decompressing received HTTP request or response bodies. These two objects (HTTPRequestDecompressor and HTTPResponseDecompressor) both failed to detect when the decompressed body was considered complete. If trailing junk data was appended to the HTTP message body, the code would repeatedly attempt to decompress this data and fail. This would lead to an infinite loop making no forward progress, leading to livelock of the system and denial-of-service.

This issue can be triggered by any attacker capable of sending a compressed HTTP message. Most commonly this is HTTP servers, as compressed HTTP messages cannot be negotiated for HTTP requests, but it is possible that users have configured decompression for HTTP requests as well. The attack is low effort, and likely to be reached without requiring any privilege or system access. The impact on availability is high: the process immediately becomes unavailable but does not immediately crash, meaning that it is possible for the process to remain in this state until an administrator intervenes or an automated circuit breaker fires. If left unchecked this issue will very slowly exhaust memory resources due to repeated buffer allocation, but the buffers are not written to and so it is possible that the processes will not terminate for quite some time.

This risk can be mitigated by removing transparent HTTP message decompression. The issue is fixed by correctly detecting the termination of the compressed body as reported by zlib and refusing to decompress further data.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "SwiftURL",
        "name": "github.com/apple/swift-nio-extras"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.11.0"
            },
            {
              "fixed": "1.14.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "SwiftURL",
        "name": "github.com/apple/swift-nio-extras"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.10.0"
            },
            {
              "fixed": "1.10.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "SwiftURL",
        "name": "github.com/apple/swift-nio-extras"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.9.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-3252"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-06-07T16:05:48Z",
    "nvd_published_at": "2022-09-21T19:15:00Z",
    "severity": "HIGH"
  },
  "details": "SwiftNIO Extras provides a pair of helpers for transparently decompressing received HTTP request or response bodies. These two objects (`HTTPRequestDecompressor` and `HTTPResponseDecompressor`) both failed to detect when the decompressed body was considered complete. If trailing junk data was appended to the HTTP message body, the code would repeatedly attempt to decompress this data and fail. This would lead to an infinite loop making no forward progress, leading to livelock of the system and denial-of-service.\n\nThis issue can be triggered by any attacker capable of sending a compressed HTTP message. Most commonly this is HTTP servers, as compressed HTTP messages cannot be negotiated for HTTP requests, but it is possible that users have configured decompression for HTTP requests as well. The attack is low effort, and likely to be reached without requiring any privilege or system access. The impact on availability is high: the process immediately becomes unavailable but does not immediately crash, meaning that it is possible for the process to remain in this state until an administrator intervenes or an automated circuit breaker fires. If left unchecked this issue will very slowly exhaust memory resources due to repeated buffer allocation, but the buffers are not written to and so it is possible that the processes will not terminate for quite some time.\n\nThis risk can be mitigated by removing transparent HTTP message decompression. The issue is fixed by correctly detecting the termination of the compressed body as reported by zlib and refusing to decompress further data.",
  "id": "GHSA-773g-x274-8qmf",
  "modified": "2023-06-07T16:05:48Z",
  "published": "2023-06-07T16:05:48Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/apple/swift-nio-extras/security/advisories/GHSA-773g-x274-8qmf"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3252"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apple/swift-nio-extras/pull/177"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apple/swift-nio-extras/pull/177/commits/359015de2c49e426c27b1d25dbf599b08a9d3ee6"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/apple/swift-nio-extras"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "SwiftNIO Extras vulnerable to improper detection of complete HTTP body decompression"
}

GHSA-7787-P7X6-FQ3J

Vulnerability from github – Published: 2023-12-08 15:23 – Updated: 2023-12-08 19:52
VLAI
Summary
Candid infinite decoding loop through specially crafted payload
Details

Impact

The Candid library causes a Denial of Service while parsing a specially crafted payload with empty data type. For example, if the payload is record { * ; empty } and the canister interface expects record { * } then the rust candid decoder treats empty as an extra field required by the type. The problem with type empty is that the candid rust library wrongly categorizes empty as a recoverable error when skipping the field and thus causing an infinite decoding loop.

Canisters using affected versions of candid are exposed to denial of service by causing the decoding to run indefinitely until the canister traps due to reaching maximum instruction limit per execution round. Repeated exposure to the payload will result in degraded performance of the canister.

For asset canister users, dfx versions >= 0.14.4 to <= 0.15.2-beta.0 ships asset canister with an affected version of candid.

Unaffected

  • Rust canisters using candid < 0.9.0 or >= 0.9.10
  • Rust canister interfaces of type other than record { * }
  • Motoko based canisters
  • dfx (for asset canister) <= 0.14.3 or >= 0.15.2

Patches

The issue has been patched in 0.9.10. All rust based canisters on candid versions >= 0.9.0 must upgrade their candid versions to >= 0.9.10 and deploy their canisters to mainnet as soon as possible.

Workarounds

There is no workaround for canisters using the affected versions of candid other than upgrading to patched version.

References

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "candid"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0.9.0"
            },
            {
              "fixed": "0.9.10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-6245"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1288",
      "CWE-400",
      "CWE-835"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-12-08T15:23:22Z",
    "nvd_published_at": "2023-12-08T15:15:08Z",
    "severity": "HIGH"
  },
  "details": "### Impact\n\nThe Candid library causes a Denial of Service while parsing a specially crafted payload with `empty` data type. For example, if the payload is `record { * ; empty }` and  the canister interface expects `record { * }` then the rust candid decoder treats `empty` as an extra field required by the type.  The problem with type `empty` is that the candid rust library wrongly categorizes `empty` as a recoverable error when skipping the field and thus causing an infinite decoding loop. \n\nCanisters using affected versions of candid are exposed to denial of service by causing the decoding to run indefinitely until the canister traps due to reaching maximum instruction limit per execution round. Repeated exposure to the payload will result in degraded performance of the canister.\n\nFor asset canister users, `dfx` versions `\u003e= 0.14.4` to `\u003c= 0.15.2-beta.0` ships asset canister with an affected version of candid.\n\n#### Unaffected \n- Rust canisters using candid `\u003c 0.9.0` or `\u003e= 0.9.10` \n- Rust canister interfaces of type other than `record { * }`\n- Motoko based canisters\n- dfx (for asset canister) `\u003c= 0.14.3` or `\u003e= 0.15.2`\n\n\n### Patches\n\nThe issue has been patched in `0.9.10`. All rust based canisters on candid versions `\u003e= 0.9.0` must upgrade their candid versions to `\u003e= 0.9.10` and deploy their canisters to mainnet as soon as possible. \n\n### Workarounds\n\nThere is no workaround for canisters using the affected versions of candid other than upgrading to patched version.\n\n### References\n-  [dfinity/candid/pull/478](https://github.com/dfinity/candid/pull/478)\n-  [Candid Library Reference](https://internetcomputer.org/docs/current/references/candid-ref)\n-  [Candid Specification](https://github.com/dfinity/candid/blob/master/spec/Candid.md)\n-  [Internet Computer Specification](https://internetcomputer.org/docs/current/references/ic-interface-spec)",
  "id": "GHSA-7787-p7x6-fq3j",
  "modified": "2023-12-08T19:52:40Z",
  "published": "2023-12-08T15:23:22Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/dfinity/candid/security/advisories/GHSA-7787-p7x6-fq3j"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6245"
    },
    {
      "type": "WEB",
      "url": "https://github.com/dfinity/candid/pull/478"
    },
    {
      "type": "WEB",
      "url": "https://github.com/dfinity/candid/commit/b233dbc2d2bcc79c9fc574dd5968269df680b073"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/dfinity/candid"
    },
    {
      "type": "WEB",
      "url": "https://github.com/dfinity/candid/blob/master/spec/Candid.md"
    },
    {
      "type": "WEB",
      "url": "https://internetcomputer.org/docs/current/references/candid-ref"
    },
    {
      "type": "WEB",
      "url": "https://internetcomputer.org/docs/current/references/ic-interface-spec"
    },
    {
      "type": "WEB",
      "url": "https://rustsec.org/advisories/RUSTSEC-2023-0073.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Candid infinite decoding loop through specially crafted payload"
}

GHSA-77V7-59C5-2XXH

Vulnerability from github – Published: 2025-09-05 18:31 – Updated: 2025-11-24 21:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

exfat: add cluster chain loop check for dir

An infinite loop may occur if the following conditions occur due to file system corruption.

(1) Condition for exfat_count_dir_entries() to loop infinitely. - The cluster chain includes a loop. - There is no UNUSED entry in the cluster chain.

(2) Condition for exfat_create_upcase_table() to loop infinitely. - The cluster chain of the root directory includes a loop. - There are no UNUSED entry and up-case table entry in the cluster chain of the root directory.

(3) Condition for exfat_load_bitmap() to loop infinitely. - The cluster chain of the root directory includes a loop. - There are no UNUSED entry and bitmap entry in the cluster chain of the root directory.

(4) Condition for exfat_find_dir_entry() to loop infinitely. - The cluster chain includes a loop. - The unused directory entries were exhausted by some operation.

(5) Condition for exfat_check_dir_empty() to loop infinitely. - The cluster chain includes a loop. - The unused directory entries were exhausted by some operation. - All files and sub-directories under the directory are deleted.

This commit adds checks to break the above infinite loop.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-38692"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-09-04T16:15:37Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nexfat: add cluster chain loop check for dir\n\nAn infinite loop may occur if the following conditions occur due to\nfile system corruption.\n\n(1) Condition for exfat_count_dir_entries() to loop infinitely.\n    - The cluster chain includes a loop.\n    - There is no UNUSED entry in the cluster chain.\n\n(2) Condition for exfat_create_upcase_table() to loop infinitely.\n    - The cluster chain of the root directory includes a loop.\n    - There are no UNUSED entry and up-case table entry in the cluster\n      chain of the root directory.\n\n(3) Condition for exfat_load_bitmap() to loop infinitely.\n    - The cluster chain of the root directory includes a loop.\n    - There are no UNUSED entry and bitmap entry in the cluster chain\n      of the root directory.\n\n(4) Condition for exfat_find_dir_entry() to loop infinitely.\n    - The cluster chain includes a loop.\n    - The unused directory entries were exhausted by some operation.\n\n(5) Condition for exfat_check_dir_empty() to loop infinitely.\n    - The cluster chain includes a loop.\n    - The unused directory entries were exhausted by some operation.\n    - All files and sub-directories under the directory are deleted.\n\nThis commit adds checks to break the above infinite loop.",
  "id": "GHSA-77v7-59c5-2xxh",
  "modified": "2025-11-24T21:30:56Z",
  "published": "2025-09-05T18:31:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-38692"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/4c3cda20c4cf1871e27868d08fda06b79bc7d568"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/868f23286c1a13162330fa6c614fe350f78e3f82"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/99f9a97dce39ad413c39b92c90393bbd6778f3fd"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/aa8fe7b7b73d4c9a41bb96cb3fb3092f794ecb33"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/e2066ca3ef49a30920d8536fa366b2a183a808ee"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-788G-JGWH-PC92

Vulnerability from github – Published: 2022-05-13 01:42 – Updated: 2025-04-20 03:41
VLAI
Details

A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related to the QPDF::resolveObjectsInStream function in QPDF.cc, aka an "infinite loop."

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-11625"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-07-25T23:29:00Z",
    "severity": "MODERATE"
  },
  "details": "A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related to the QPDF::resolveObjectsInStream function in QPDF.cc, aka an \"infinite loop.\"",
  "id": "GHSA-788g-jgwh-pc92",
  "modified": "2025-04-20T03:41:27Z",
  "published": "2022-05-13T01:42:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11625"
    },
    {
      "type": "WEB",
      "url": "https://github.com/qpdf/qpdf/issues/120"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/3638-1"
    },
    {
      "type": "WEB",
      "url": "http://somevulnsofadlab.blogspot.jp/2017/07/qpdfan-infinite-loop-in-libqpdf_26.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-78R9-QJ6X-MW32

Vulnerability from github – Published: 2022-08-17 00:00 – Updated: 2022-08-19 00:00
VLAI
Details

Endless Infinite loop in Blender-thumnailing due to logical bugs.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-2833"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-08-16T21:15:00Z",
    "severity": "HIGH"
  },
  "details": "Endless Infinite loop in Blender-thumnailing due to logical bugs.",
  "id": "GHSA-78r9-qj6x-mw32",
  "modified": "2022-08-19T00:00:21Z",
  "published": "2022-08-17T00:00:18Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2833"
    },
    {
      "type": "WEB",
      "url": "https://developer.blender.org/T99711"
    },
    {
      "type": "WEB",
      "url": "https://developer.blender.org/rB24a2b5cb1292f769dd86e314471443976d5e9512"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-78RH-27P9-CHJ5

Vulnerability from github – Published: 2022-05-13 01:50 – Updated: 2022-05-13 01:50
VLAI
Details

An infinite loop when reaching EOL unexpectedly in compose/parser.c (aka the keymap parser) in xkbcommon before 0.8.1 could be used by local attackers to cause a denial of service during parsing of crafted keymap files.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-15856"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-08-25T21:29:00Z",
    "severity": "MODERATE"
  },
  "details": "An infinite loop when reaching EOL unexpectedly in compose/parser.c (aka the keymap parser) in xkbcommon before 0.8.1 could be used by local attackers to cause a denial of service during parsing of crafted keymap files.",
  "id": "GHSA-78rh-27p9-chj5",
  "modified": "2022-05-13T01:50:13Z",
  "published": "2022-05-13T01:50:13Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-15856"
    },
    {
      "type": "WEB",
      "url": "https://github.com/xkbcommon/libxkbcommon/commit/842e4351c2c97de6051cab6ce36b4a81e709a0e1"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2019:2079"
    },
    {
      "type": "WEB",
      "url": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039232.html"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/201810-05"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/3786-1"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/3786-2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-794C-RCRG-7J7W

Vulnerability from github – Published: 2022-05-13 01:14 – Updated: 2022-05-13 01:14
VLAI
Details

A flaw was found in the Linux kernel in the function hid_debug_events_read() in drivers/hid/hid-debug.c file which may enter an infinite loop with certain parameters passed from a userspace. A local privileged user ("root") can cause a system lock up and a denial of service. Versions from v4.18 and newer are vulnerable.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-3819"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-01-25T18:29:00Z",
    "severity": "MODERATE"
  },
  "details": "A flaw was found in the Linux kernel in the function hid_debug_events_read() in drivers/hid/hid-debug.c file which may enter an infinite loop with certain parameters passed from a userspace. A local privileged user (\"root\") can cause a system lock up and a denial of service. Versions from v4.18 and newer are vulnerable.",
  "id": "GHSA-794c-rcrg-7j7w",
  "modified": "2022-05-13T01:14:29Z",
  "published": "2022-05-13T01:14:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3819"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3819"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00002.html"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/3932-1"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/3932-2"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/4115-1"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/4118-1"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00052.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/106730"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-79M3-3J97-C9X5

Vulnerability from github – Published: 2024-02-26 18:30 – Updated: 2024-08-05 21:31
VLAI
Details

Certain WithSecure products allow a Denial of Service because the engine scanner can go into an infinite loop when processing an archive file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, WithSecure Linux Security 64 12.0, WithSecure Linux Protection 12.0, and WithSecure Atlant 1.0.35-1.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-27359"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-02-26T16:28:00Z",
    "severity": "HIGH"
  },
  "details": "Certain WithSecure products allow a Denial of Service because the engine scanner can go into an infinite loop when processing an archive file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, WithSecure Linux Security 64 12.0, WithSecure Linux Protection 12.0, and WithSecure Atlant 1.0.35-1.",
  "id": "GHSA-79m3-3j97-c9x5",
  "modified": "2024-08-05T21:31:17Z",
  "published": "2024-02-26T18:30:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27359"
    },
    {
      "type": "WEB",
      "url": "https://www.withsecure.com/en/support/security-advisories/cve-2034-n1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.