Common Weakness Enumeration

CWE-835

Allowed

Loop with Unreachable Exit Condition ('Infinite Loop')

Abstraction: Base · Status: Incomplete

The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

1057 vulnerabilities reference this CWE, most recent first.

GHSA-3P73-MM7V-4F6M

Vulnerability from github – Published: 2023-01-27 00:55 – Updated: 2023-01-28 00:31
VLAI
Summary
DoS vulnerability in MaliciousCode filter
Details

Impact

Infinite loop in malicious code filter in certain conditions.

Workarounds

None

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "openmage/magento-lts"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "19.4.22"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "openmage/magento-lts"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "20.0.0"
            },
            {
              "fixed": "20.0.19"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-23617"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-01-27T00:55:11Z",
    "nvd_published_at": "2023-01-28T00:15:00Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\nInfinite loop in malicious code filter in certain conditions.\n\n### Workarounds\n\nNone",
  "id": "GHSA-3p73-mm7v-4f6m",
  "modified": "2023-01-28T00:31:24Z",
  "published": "2023-01-27T00:55:11Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/OpenMage/magento-lts/security/advisories/GHSA-3p73-mm7v-4f6m"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23617"
    },
    {
      "type": "WEB",
      "url": "https://github.com/OpenMage/magento-lts/commit/494027785bdb7db53e60c11ef03c144b61cd3172"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/OpenMage/magento-lts"
    },
    {
      "type": "WEB",
      "url": "https://github.com/OpenMage/magento-lts/releases/tag/v19.4.22"
    },
    {
      "type": "WEB",
      "url": "https://github.com/OpenMage/magento-lts/releases/tag/v20.0.19"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": " DoS vulnerability in MaliciousCode filter"
}

GHSA-3PV3-RMR2-25G2

Vulnerability from github – Published: 2025-10-01 12:30 – Updated: 2026-01-20 18:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

ubi: ubi_wl_put_peb: Fix infinite loop when wear-leveling work failed

Following process will trigger an infinite loop in ubi_wl_put_peb():

ubifs_bgt       ubi_bgt

ubifs_leb_unmap ubi_leb_unmap ubi_eba_unmap_leb ubi_wl_put_peb wear_leveling_worker e1 = rb_entry(rb_first(&ubi->used) e2 = get_peb_for_wl(ubi) ubi_io_read_vid_hdr // return err (flash fault) out_error: ubi->move_from = ubi->move_to = NULL wl_entry_destroy(ubi, e1) ubi->lookuptbl[e->pnum] = NULL retry: e = ubi->lookuptbl[pnum]; // return NULL if (e == ubi->move_from) { // NULL == NULL gets true goto retry; // infinite loop !!!

$ top PID USER PR NI VIRT RES SHR S %CPU %MEM COMMAND 7676 root 20 0 0 0 0 R 100.0 0.0 ubifs_bgt0_0

Fix it by: 1) Letting ubi_wl_put_peb() returns directly if wearl leveling entry has been removed from 'ubi->lookuptbl'. 2) Using 'ubi->wl_lock' protecting wl entry deletion to preventing an use-after-free problem for wl entry in ubi_wl_put_peb().

Fetch a reproducer in [Link].

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-53481"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-10-01T12:15:50Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nubi: ubi_wl_put_peb: Fix infinite loop when wear-leveling work failed\n\nFollowing process will trigger an infinite loop in ubi_wl_put_peb():\n\n\tubifs_bgt\t\tubi_bgt\nubifs_leb_unmap\n  ubi_leb_unmap\n    ubi_eba_unmap_leb\n      ubi_wl_put_peb\twear_leveling_worker\n                          e1 = rb_entry(rb_first(\u0026ubi-\u003eused)\n\t\t\t  e2 = get_peb_for_wl(ubi)\n\t\t\t  ubi_io_read_vid_hdr  // return err (flash fault)\n\t\t\t  out_error:\n\t\t\t    ubi-\u003emove_from = ubi-\u003emove_to = NULL\n\t\t\t    wl_entry_destroy(ubi, e1)\n\t\t\t      ubi-\u003elookuptbl[e-\u003epnum] = NULL\n      retry:\n        e = ubi-\u003elookuptbl[pnum];\t// return NULL\n\tif (e == ubi-\u003emove_from) {\t// NULL == NULL gets true\n\t  goto retry;\t\t\t// infinite loop !!!\n\n$ top\n  PID USER      PR  NI    VIRT    RES    SHR S  %CPU %MEM     COMMAND\n  7676 root     20   0       0      0      0 R 100.0  0.0  ubifs_bgt0_0\n\nFix it by:\n 1) Letting ubi_wl_put_peb() returns directly if wearl leveling entry has\n    been removed from \u0027ubi-\u003elookuptbl\u0027.\n 2) Using \u0027ubi-\u003ewl_lock\u0027 protecting wl entry deletion to preventing an\n    use-after-free problem for wl entry in ubi_wl_put_peb().\n\nFetch a reproducer in [Link].",
  "id": "GHSA-3pv3-rmr2-25g2",
  "modified": "2026-01-20T18:31:52Z",
  "published": "2025-10-01T12:30:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53481"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/3afaaf6f5867dc4ad383808d4053f428ec7b867d"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/4d57a7333e26040f2b583983e1970d9d460e56b0"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/5af1c643184a5d09ff5b3f334077a4d0a163c677"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/8a18856e074479bd050b01e688c58defadce7ab0"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b40d2fbf47af58377e898b5062077a47bb28a132"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b5be23f6ae610bdb262160a1f294afee6d0e6a69"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/cc4bc532acda66189bddc03b3fe1ad689d9a48a2"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/f006f596fe851c3b6aae60b79f89f89f0e515d2f"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-3QVJ-9WRJ-3GPM

Vulnerability from github – Published: 2026-07-08 21:30 – Updated: 2026-07-08 21:30
VLAI
Details

Multiple protocol dissector infinite loops in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allow denial of service

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-15163"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-07-08T21:16:47Z",
    "severity": "MODERATE"
  },
  "details": "Multiple protocol dissector infinite loops in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allow denial of service",
  "id": "GHSA-3qvj-9wrj-3gpm",
  "modified": "2026-07-08T21:30:30Z",
  "published": "2026-07-08T21:30:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-15163"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.com/wireshark/wireshark/-/work_items/21275"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.com/wireshark/wireshark/-/work_items/21277"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.com/wireshark/wireshark/-/work_items/21330"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.com/wireshark/wireshark/-/work_items/21383"
    },
    {
      "type": "WEB",
      "url": "https://www.wireshark.org/security/wnpa-sec-2026-61.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-3R3P-444M-2G4P

Vulnerability from github – Published: 2024-01-16 18:31 – Updated: 2025-11-04 21:31
VLAI
Details

EDK2's Network Package is susceptible to an infinite loop vulnerability when parsing unknown options in the Destination Options header of IPv6. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Availability.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-45232"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-01-16T16:15:12Z",
    "severity": "HIGH"
  },
  "details": "EDK2\u0027s Network Package is susceptible to an infinite loop vulnerability when parsing unknown options in the Destination Options header of IPv6. This\n vulnerability can be exploited by an attacker to gain unauthorized \naccess and potentially lead to a loss of Availability.",
  "id": "GHSA-3r3p-444m-2g4p",
  "modified": "2025-11-04T21:31:04Z",
  "published": "2024-01-16T18:31:09Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45232"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/06/msg00007.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20240307-0011"
    },
    {
      "type": "WEB",
      "url": "https://www.kb.cert.org/vuls/id/132380"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2024/01/16/2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-3R44-XHXH-QH7X

Vulnerability from github – Published: 2022-05-13 01:52 – Updated: 2022-05-13 01:52
VLAI
Details

In GraphicsMagick 1.3.27, there is an infinite loop and application hang in the ReadBMPImage function (coders/bmp.c). Remote attackers could leverage this vulnerability to cause a denial of service via an image file with a crafted bit-field mask value.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-5685"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-01-14T02:29:00Z",
    "severity": "MODERATE"
  },
  "details": "In GraphicsMagick 1.3.27, there is an infinite loop and application hang in the ReadBMPImage function (coders/bmp.c). Remote attackers could leverage this vulnerability to cause a denial of service via an image file with a crafted bit-field mask value.",
  "id": "GHSA-3r44-xhxh-qh7x",
  "modified": "2022-05-13T01:52:53Z",
  "published": "2022-05-13T01:52:53Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5685"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00018.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00002.html"
    },
    {
      "type": "WEB",
      "url": "https://sourceforge.net/p/graphicsmagick/bugs/541"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2018/dsa-4321"
    },
    {
      "type": "WEB",
      "url": "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/52a91ddb1aa6"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-3V47-MWG3-XVQ2

Vulnerability from github – Published: 2026-06-24 09:30 – Updated: 2026-07-08 18:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

netfilter: ipset: stop hash:* range iteration at end

The following hash set variants:

hash:ip,mark hash:ip,port hash:ip,port,ip hash:ip,port,net

iterate IPv4 ranges with a 32-bit iterator.

The iterator must stop once the last address in the requested range has been processed. Advancing it once more can move the traversal state past the end of the request, so a later retry may continue from an unintended position.

Handle the iterator increment explicitly at the end of the loop and stop once the upper bound has been processed. This keeps the existing retry behaviour intact for valid ranges while preventing traversal from continuing past the original boundary.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-52921"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-24T08:16:22Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ipset: stop hash:* range iteration at end\n\nThe following hash set variants:\n\nhash:ip,mark\nhash:ip,port\nhash:ip,port,ip\nhash:ip,port,net\n\niterate IPv4 ranges with a 32-bit iterator.\n\nThe iterator must stop once the last address in the requested range has\nbeen processed. Advancing it once more can move the traversal state past\nthe end of the request, so a later retry may continue from an unintended\nposition.\n\nHandle the iterator increment explicitly at the end of the loop and stop\nonce the upper bound has been processed. This keeps the existing retry\nbehaviour intact for valid ranges while preventing traversal from\ncontinuing past the original boundary.",
  "id": "GHSA-3v47-mwg3-xvq2",
  "modified": "2026-07-08T18:31:32Z",
  "published": "2026-06-24T09:30:48Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-52921"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/02f75f041a93ea045834da89cd3234f4c1d749b4"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/0b530efb2cc9dbdddfd49d392e3a857f0d4ce8dc"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/0d3a282ab5f165fc207ff49ea5b6ad8f54616bd6"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/0d7b33ace701fe397e6e4de145f32e098178d901"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/383418c20e69f5761b6ec5238f599423f4fb77fb"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/952e988163c2ab9939c3db9f0f8e77af6a1bb436"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/be75218fadea22e59c8673db212f29c681bf45bb"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/c281e018af98df91827d65bec00f4956c00a1b02"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-3V74-FJ6R-9QVP

Vulnerability from github – Published: 2026-01-27 18:32 – Updated: 2026-01-27 18:32
VLAI
Details

Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in ixray-team ixray-1.6-stcop.This issue affects ixray-1.6-stcop: before 1.3.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-24831"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-01-27T16:16:35Z",
    "severity": "HIGH"
  },
  "details": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027) vulnerability in ixray-team ixray-1.6-stcop.This issue affects ixray-1.6-stcop: before 1.3.",
  "id": "GHSA-3v74-fj6r-9qvp",
  "modified": "2026-01-27T18:32:16Z",
  "published": "2026-01-27T18:32:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24831"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ixray-team/ixray-1.6-stcop/pull/248"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-3V94-MW7P-V465

Vulnerability from github – Published: 2026-05-07 02:59 – Updated: 2026-05-07 02:59
VLAI
Summary
hickory-proto: NSEC3 closest-encloser proof validation enters unbounded loop on cross-zone responses
Details

The NSEC3 closest-encloser proof validation in hickory-proto's (0.25.0-alpha.3 ... 0.25.2) and hickory-net's (0.26.0-alpha.1 .. 0.26.0) DnssecDnsHandle walks from the QNAME up to the SOA owner name, building a list of candidate encloser names. The iterator used assumes the QNAME is a descendant of the SOA owner, terminating only when the current candidate equals the SOA name. When the SOA in a response's authority section is not an ancestor of the QNAME, the loop stalls at the DNS root and never terminates, repeatedly calling Name::base_name() and pushing newly allocated Name and hashed-name entries into the candidate Vec.

The bug is reachable by any caller of DnssecDnsHandle, including the resolver, recursor, and client, when built with the dnssec-ring or dnssec-aws-lc-rs feature and configured to perform DNSSEC validation. It is triggered while validating a NoData or NXDomain response whose authority section contains an SOA record from a zone other than an ancestor of the QNAME, on a code path that requires NSEC3 closest-encloser proof. In practice this can be reached through an insecure CNAME chain that crosses zone boundaries into a DNSSEC-signed zone returning NoData, but the minimum condition is just a mismatched SOA owner on a response requiring NSEC3 validation.

A debug_assert_ne!(name, Name::root()) guards the loop body, so debug builds abort with a panic on the first iteration past the root. Release builds compile the assertion out and run the loop unbounded, allocating until the process exhausts available memory. A reachable upstream attacker who can return such a response can therefore crash a debug build or exhaust memory on a release build, for the affected configurations.

The affected code was migrated from hickory-proto to hickory-net as part of the 0.26.0 release. Hickory DNS recommends that all affected users update to hickory-net 0.26.1 for the fix.

Reporter

David Cook, ISRG

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "hickory-proto"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0.25.0-alpha.3"
            },
            {
              "last_affected": "0.25.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 0.26.0"
      },
      "package": {
        "ecosystem": "crates.io",
        "name": "hickory-net"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0.26.0-alpha.1"
            },
            {
              "fixed": "0.26.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-05-07T02:59:20Z",
    "nvd_published_at": null,
    "severity": "HIGH"
  },
  "details": "The NSEC3 closest-encloser proof validation in `hickory-proto`\u0027s (0.25.0-alpha.3 ... 0.25.2) and `hickory-net`\u0027s (0.26.0-alpha.1 .. 0.26.0)  `DnssecDnsHandle` walks from the QNAME up to the SOA owner name, building a list of candidate encloser names. The iterator used assumes the QNAME is a descendant of the SOA owner, terminating only when the current candidate equals the SOA name. When the SOA in a response\u0027s authority section is not an ancestor of the QNAME, the loop stalls at the DNS root and never terminates, repeatedly calling `Name::base_name()` and pushing newly allocated `Name` and hashed-name entries into the candidate `Vec`.\n\nThe bug is reachable by any caller of `DnssecDnsHandle`, including the resolver, recursor, and client, when built with the `dnssec-ring` or `dnssec-aws-lc-rs` feature and configured to perform DNSSEC validation. It is triggered while validating a NoData or NXDomain response whose authority section contains an SOA record from a zone other than an ancestor of the QNAME, on a code path that requires NSEC3 closest-encloser proof. In practice this can be reached through an insecure CNAME chain that crosses zone boundaries into a DNSSEC-signed zone returning NoData, but the minimum condition is just a mismatched SOA owner on a response requiring NSEC3 validation.\n\nA `debug_assert_ne!(name, Name::root())` guards the loop body, so debug builds abort with a panic on the first iteration past the root. Release builds compile the assertion out and run the loop unbounded, allocating until the process exhausts available memory. A reachable upstream attacker who can return such a response can therefore crash a debug build or exhaust memory on a release build, for the affected configurations.\n\nThe affected code was migrated from `hickory-proto` to `hickory-net` as part of the 0.26.0 release. Hickory DNS recommends that all affected users update to `hickory-net` 0.26.1 for the fix.\n\n### Reporter\n\nDavid Cook, ISRG",
  "id": "GHSA-3v94-mw7p-v465",
  "modified": "2026-05-07T02:59:20Z",
  "published": "2026-05-07T02:59:20Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/hickory-dns/hickory-dns/security/advisories/GHSA-3v94-mw7p-v465"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/hickory-dns/hickory-dns"
    },
    {
      "type": "WEB",
      "url": "https://rustsec.org/advisories/RUSTSEC-2026-0118.html"
    },
    {
      "type": "WEB",
      "url": "https://rustsec.org/advisories/RUSTSEC-2026-0120.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "hickory-proto: NSEC3 closest-encloser proof validation enters unbounded loop on cross-zone responses"
}

GHSA-3VPR-MHGF-FGJV

Vulnerability from github – Published: 2022-05-13 01:47 – Updated: 2025-04-20 03:38
VLAI
Details

The ASN.1 parser in strongSwan before 5.5.3 improperly handles CHOICE types when the x509 plugin is enabled, which allows remote attackers to cause a denial of service (infinite loop) via a crafted certificate.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-9023"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-06-08T16:29:00Z",
    "severity": "HIGH"
  },
  "details": "The ASN.1 parser in strongSwan before 5.5.3 improperly handles CHOICE types when the x509 plugin is enabled, which allows remote attackers to cause a denial of service (infinite loop) via a crafted certificate.",
  "id": "GHSA-3vpr-mhgf-fgjv",
  "modified": "2025-04-20T03:38:42Z",
  "published": "2022-05-13T01:47:47Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9023"
    },
    {
      "type": "WEB",
      "url": "https://www.strongswan.org/blog/2017/05/30/strongswan-vulnerability-%28cve-2017-9023%29.html"
    },
    {
      "type": "WEB",
      "url": "https://www.strongswan.org/blog/2017/05/30/strongswan-vulnerability-(cve-2017-9023).html"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2017/dsa-3866"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/98756"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/USN-3301-1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-3VQ9-9J8H-QHV2

Vulnerability from github – Published: 2026-04-30 09:30 – Updated: 2026-04-30 09:30
VLAI
Details

RPKI-Router protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-6522"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-04-30T07:16:39Z",
    "severity": "MODERATE"
  },
  "details": "RPKI-Router protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service",
  "id": "GHSA-3vq9-9j8h-qhv2",
  "modified": "2026-04-30T09:30:24Z",
  "published": "2026-04-30T09:30:24Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-6522"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.com/wireshark/wireshark/-/work_items/21186"
    },
    {
      "type": "WEB",
      "url": "https://www.wireshark.org/security/wnpa-sec-2026-42.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.