CWE-835
AllowedLoop with Unreachable Exit Condition ('Infinite Loop')
Abstraction: Base · Status: Incomplete
The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.
1060 vulnerabilities reference this CWE, most recent first.
GHSA-6R93-M2CP-HHMF
Vulnerability from github – Published: 2022-05-21 00:01 – Updated: 2022-05-27 00:00A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). The Tiff_Loader.dll is vulnerable to infinite loop condition while parsing specially crafted TIFF files. An attacker could leverage this vulnerability to crash the application causing denial of service condition.
{
"affected": [],
"aliases": [
"CVE-2022-29028"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-05-20T13:15:00Z",
"severity": "MODERATE"
},
"details": "A vulnerability has been identified in JT2Go (All versions \u003c V13.3.0.3), Teamcenter Visualization V13.3 (All versions \u003c V13.3.0.3), Teamcenter Visualization V14.0 (All versions \u003c V14.0.0.1). The Tiff_Loader.dll is vulnerable to infinite loop condition while parsing specially crafted TIFF files. An attacker could leverage this vulnerability to crash the application causing denial of service condition.",
"id": "GHSA-6r93-m2cp-hhmf",
"modified": "2022-05-27T00:00:53Z",
"published": "2022-05-21T00:01:05Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29028"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-553086.pdf"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6V9C-7CG6-27Q7
Vulnerability from github – Published: 2026-04-29 22:12 – Updated: 2026-04-29 22:12Summary
A critical Denial of Service (DoS) vulnerability exists in marked@18.0.0. By providing a specific 3-byte input sequence a tab, a vertical tab, and a newline (\x09\x0b\n)—an unauthenticated attacker can trigger an infinite recursion loop during parsing. This leads to unbounded memory allocation, causing the host Node.js application to crash via Memory Exhaustion (OOM).
Details
The vulnerability originates in how marked's block tokenizer handles unexpected whitespace characters.
- Tab Character (
\x09) Consumption: Thespace()tokenizer matches standard whitespace using the regex/^(?:[ \t]*(?:\n|$))+/. When parsing the malicious payload (\x09\x0b\n), this rule successfully consumes the initial tab character (\x09). - Vertical Tab (
\x0b) Bypass: The remaining input is now\x0b\n. The newline block rule explicitly looks for spaces or standard tabs ([ \t]) followed by a newline. Because the vertical tab is a legacy ASCII character not accounted for in this rule, it fails to match. - Fallback to Text Tokenizer: None of the standard block tokenizers (blockquote, code, heading, etc.) match
\x0b\n. As a result, the parser falls through to thetexttokenizer (/^[^\n]+/), which matches any character except a newline. - Infinite Recursion: Inside
blockTokens(), thetexttokenizer creates a text token and subsequently callsinlineTokens()on the exact same content. InsideinlineTokens(), the text rule again matches\x0b\nand recursively callsinlineTokens(). This creates an inescapable cycle:blockTokens() → text token → inlineTokens() → text rule matches → inlineTokens() → ...
With each recursive call allocating new token objects and concatenating strings, memory grows indefinitely until the Node.js heap limit is reached.
Vulnerable Code in lib/marked.esm.js (Lexer class, blockTokens()):
// The text tokenizer triggers infinite recursion
if(r=this.tokenizer.text(e)) {
e=e.substring(r.raw.length);
let s=t.at(-1);
s?.type==="text"?(s.raw+=(s.raw.endsWith("\n")?"":"\n")+r.raw, s.text+="\n"+r.text, this.inlineQueue.pop(), this.inlineQueue.at(-1).src=s.text):t.push(r);
// ↑ This calls inlineTokens() internally via the text tokenizer, causing the OOM loop
continue;
}
PoC
This vulnerability can be reproduced using any standard Node.js environment with marked@18.0.0 installed.
- Create a file named
poc.jswith the following content:
const marked = require('marked');
// The vulnerable 3-byte pattern: tab + vertical tab + newline
const vulnerableInput = '\x09\x0b\n';
console.log('Attempting to parse malicious payload...');
try {
marked.parse(vulnerableInput);
} catch(e) {
console.log('Error:', e.message);
}
- Run the script:
node poc.js - Result: The process will hang briefly as memory spikes, ultimately crashing with:
FATAL ERROR: Reached heap limit Allocation failed - JavaScript heap out of memory.
Impact
This is a High-Severity Denial of Service (DoS) vulnerability via Memory Exhaustion.
Impacted Parties: Any application, API, chatbot, or documentation system using marked@18.0.0 (and potentially earlier versions) to parse untrusted user input is vulnerable.
Because the payload requires zero authentication and only 3 bytes of data, it requires virtually no resources from the attacker to remotely crash the service and achieve a total loss of availability for the targeted application.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 18.0.1"
},
"package": {
"ecosystem": "npm",
"name": "marked"
},
"ranges": [
{
"events": [
{
"introduced": "18.0.0"
},
{
"fixed": "18.0.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-41680"
],
"database_specific": {
"cwe_ids": [
"CWE-400",
"CWE-674",
"CWE-835"
],
"github_reviewed": true,
"github_reviewed_at": "2026-04-29T22:12:20Z",
"nvd_published_at": "2026-04-24T18:16:29Z",
"severity": "HIGH"
},
"details": "### Summary\nA critical Denial of Service (DoS) vulnerability exists in `marked@18.0.0`. By providing a specific 3-byte input sequence a tab, a vertical tab, and a newline (`\\x09\\x0b\\n`)\u2014an unauthenticated attacker can trigger an infinite recursion loop during parsing. This leads to unbounded memory allocation, causing the host Node.js application to crash via Memory Exhaustion (OOM). \n\n### Details\nThe vulnerability originates in how `marked`\u0027s block tokenizer handles unexpected whitespace characters. \n\n1. **Tab Character (`\\x09`) Consumption**: The `space()` tokenizer matches standard whitespace using the regex `/^(?:[ \\t]*(?:\\n|$))+/`. When parsing the malicious payload (`\\x09\\x0b\\n`), this rule successfully consumes the initial tab character (`\\x09`).\n2. **Vertical Tab (`\\x0b`) Bypass**: The remaining input is now `\\x0b\\n`. The newline block rule explicitly looks for spaces or standard tabs (`[ \\t]`) followed by a newline. Because the vertical tab is a legacy ASCII character not accounted for in this rule, it fails to match.\n3. **Fallback to Text Tokenizer**: None of the standard block tokenizers (blockquote, code, heading, etc.) match `\\x0b\\n`. As a result, the parser falls through to the `text` tokenizer (`/^[^\\n]+/`), which matches any character except a newline.\n4. **Infinite Recursion**: Inside `blockTokens()`, the `text` tokenizer creates a text token and subsequently calls `inlineTokens()` on the exact same content. Inside `inlineTokens()`, the text rule again matches `\\x0b\\n` and recursively calls `inlineTokens()`. This creates an inescapable cycle: `blockTokens() \u2192 text token \u2192 inlineTokens() \u2192 text rule matches \u2192 inlineTokens() \u2192 ...`\n\nWith each recursive call allocating new token objects and concatenating strings, memory grows indefinitely until the Node.js heap limit is reached.\n\n**Vulnerable Code in `lib/marked.esm.js` (Lexer class, `blockTokens()`):**\n```javascript\n// The text tokenizer triggers infinite recursion\nif(r=this.tokenizer.text(e)) {\n e=e.substring(r.raw.length);\n let s=t.at(-1);\n s?.type===\"text\"?(s.raw+=(s.raw.endsWith(\"\\n\")?\"\":\"\\n\")+r.raw, s.text+=\"\\n\"+r.text, this.inlineQueue.pop(), this.inlineQueue.at(-1).src=s.text):t.push(r);\n // \u2191 This calls inlineTokens() internally via the text tokenizer, causing the OOM loop\n continue;\n}\n```\n\n### PoC\nThis vulnerability can be reproduced using any standard Node.js environment with `marked@18.0.0` installed.\n\n1. Create a file named `poc.js` with the following content:\n```javascript\nconst marked = require(\u0027marked\u0027);\n\n// The vulnerable 3-byte pattern: tab + vertical tab + newline\nconst vulnerableInput = \u0027\\x09\\x0b\\n\u0027;\n\nconsole.log(\u0027Attempting to parse malicious payload...\u0027);\ntry {\n marked.parse(vulnerableInput);\n} catch(e) {\n console.log(\u0027Error:\u0027, e.message);\n}\n```\n2. Run the script: `node poc.js`\n3. **Result:** The process will hang briefly as memory spikes, ultimately crashing with: `FATAL ERROR: Reached heap limit Allocation failed - JavaScript heap out of memory`.\n\n### Impact\nThis is a High-Severity Denial of Service (DoS) vulnerability via Memory Exhaustion. \n\n**Impacted Parties:** Any application, API, chatbot, or documentation system using `marked@18.0.0` (and potentially earlier versions) to parse untrusted user input is vulnerable. \n\nBecause the payload requires zero authentication and only 3 bytes of data, it requires virtually no resources from the attacker to remotely crash the service and achieve a total loss of availability for the targeted application.",
"id": "GHSA-6v9c-7cg6-27q7",
"modified": "2026-04-29T22:12:20Z",
"published": "2026-04-29T22:12:20Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/markedjs/marked/security/advisories/GHSA-6v9c-7cg6-27q7"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41680"
},
{
"type": "PACKAGE",
"url": "https://github.com/markedjs/marked"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Marked Vulnerable to OOM Denial of Service via Infinite Recursion in marked Tokenizer"
}
GHSA-6V9F-3XW7-VJJ9
Vulnerability from github – Published: 2022-09-25 00:00 – Updated: 2022-09-27 00:00A Denial-of-Service vulnerability was discovered in the F-Secure and WithSecure products where aerdl.so/aerdl.dll may go into an infinite loop when unpacking PE files. It is possible that this can crash the scanning engine
{
"affected": [],
"aliases": [
"CVE-2022-28886"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-09-23T19:15:00Z",
"severity": "MODERATE"
},
"details": "A Denial-of-Service vulnerability was discovered in the F-Secure and WithSecure products where aerdl.so/aerdl.dll may go into an infinite loop when unpacking PE files. It is possible that this can crash the scanning engine",
"id": "GHSA-6v9f-3xw7-vjj9",
"modified": "2022-09-27T00:00:14Z",
"published": "2022-09-25T00:00:16Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-28886"
},
{
"type": "WEB",
"url": "https://www.f-secure.com/en/business/support-and-downloads/security-advisories"
},
{
"type": "WEB",
"url": "https://www.withsecure.com/en/support/security-advisories"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6VWG-GM7P-4529
Vulnerability from github – Published: 2025-10-11 00:30 – Updated: 2025-10-11 00:30MONGO dissector infinite loop in Wireshark 4.4.0 to 4.4.9 and 4.2.0 to 4.2.13 allows denial of service
{
"affected": [],
"aliases": [
"CVE-2025-11626"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-10-10T23:15:35Z",
"severity": "MODERATE"
},
"details": "MONGO dissector infinite loop in Wireshark 4.4.0 to 4.4.9 and 4.2.0 to 4.2.13 allows denial of service",
"id": "GHSA-6vwg-gm7p-4529",
"modified": "2025-10-11T00:30:17Z",
"published": "2025-10-11T00:30:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-11626"
},
{
"type": "WEB",
"url": "https://gitlab.com/wireshark/wireshark/-/issues/20724"
},
{
"type": "WEB",
"url": "https://www.wireshark.org/security/wnpa-sec-2025-04.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6VX5-8RXP-JW26
Vulnerability from github – Published: 2022-12-07 21:30 – Updated: 2022-12-12 18:30qubes-mirage-firewall (aka Mirage firewall for QubesOS) 0.8.x through 0.8.3 allows guest OS users to cause a denial of service (CPU consumption and loss of forwarding) via a crafted multicast UDP packet (IP address range of 224.0.0.0 through 239.255.255.255).
{
"affected": [],
"aliases": [
"CVE-2022-46770"
],
"database_specific": {
"cwe_ids": [
"CWE-400",
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-12-07T20:15:00Z",
"severity": "HIGH"
},
"details": "qubes-mirage-firewall (aka Mirage firewall for QubesOS) 0.8.x through 0.8.3 allows guest OS users to cause a denial of service (CPU consumption and loss of forwarding) via a crafted multicast UDP packet (IP address range of 224.0.0.0 through 239.255.255.255).",
"id": "GHSA-6vx5-8rxp-jw26",
"modified": "2022-12-12T18:30:29Z",
"published": "2022-12-07T21:30:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46770"
},
{
"type": "WEB",
"url": "https://github.com/mirage/qubes-mirage-firewall/issues/166"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/171610/Qubes-Mirage-Firewall-0.8.3-Denial-Of-Service.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6W5V-VMWV-XCWJ
Vulnerability from github – Published: 2022-05-24 17:40 – Updated: 2022-05-24 17:40A flaw was discovered in OpenLDAP before 2.4.57 leading to an infinite loop in slapd with the cancel_extop Cancel operation, resulting in denial of service.
{
"affected": [],
"aliases": [
"CVE-2020-36227"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-01-26T18:15:00Z",
"severity": "HIGH"
},
"details": "A flaw was discovered in OpenLDAP before 2.4.57 leading to an infinite loop in slapd with the cancel_extop Cancel operation, resulting in denial of service.",
"id": "GHSA-6w5v-vmwv-xcwj",
"modified": "2022-05-24T17:40:16Z",
"published": "2022-05-24T17:40:16Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36227"
},
{
"type": "WEB",
"url": "https://bugs.openldap.org/show_bug.cgi?id=9428"
},
{
"type": "WEB",
"url": "https://git.openldap.org/openldap/openldap/-/commit/9d0e8485f3113505743baabf1167e01e4558ccf5"
},
{
"type": "WEB",
"url": "https://git.openldap.org/openldap/openldap/-/tags/OPENLDAP_REL_ENG_2_4_57"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00005.html"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20210226-0002"
},
{
"type": "WEB",
"url": "https://support.apple.com/kb/HT212529"
},
{
"type": "WEB",
"url": "https://support.apple.com/kb/HT212530"
},
{
"type": "WEB",
"url": "https://support.apple.com/kb/HT212531"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2021/dsa-4845"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2021/May/64"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2021/May/65"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2021/May/70"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6W7H-3CWX-M3MP
Vulnerability from github – Published: 2024-05-14 18:30 – Updated: 2025-11-04 00:30MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3.6.0 to 3.6.22 allow denial of service via packet injection or crafted capture file
{
"affected": [],
"aliases": [
"CVE-2024-4854"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-14T15:45:18Z",
"severity": "MODERATE"
},
"details": "MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3.6.0 to 3.6.22 allow denial of service via packet injection or crafted capture file",
"id": "GHSA-6w7h-3cwx-m3mp",
"modified": "2025-11-04T00:30:48Z",
"published": "2024-05-14T18:30:58Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4854"
},
{
"type": "WEB",
"url": "https://gitlab.com/wireshark/wireshark/-/issues/19726"
},
{
"type": "WEB",
"url": "https://gitlab.com/wireshark/wireshark/-/merge_requests/15047"
},
{
"type": "WEB",
"url": "https://gitlab.com/wireshark/wireshark/-/merge_requests/15499"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2024/09/msg00049.html"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/66H2BSENPSIALF2WIZF7M3QBVWYBMFGW"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7MKFJAZDKXGFFQPRDYLX2AANRNMYZZEZ"
},
{
"type": "WEB",
"url": "https://www.wireshark.org/security/wnpa-sec-2024-07.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6WF9-JMG9-VXCC
Vulnerability from github – Published: 2021-08-25 14:48 – Updated: 2022-02-08 20:59Impact
The vulnerability may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resulting in a denial of service only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types.
Patches
XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose.
Workarounds
See workarounds for the different versions covering all CVEs.
References
See full information about the nature of the vulnerability and the steps to reproduce it in XStream's documentation for CVE-2021-39140.
Credits
The vulnerability was discovered and reported by Lai Han of nsfocus security team.
For more information
If you have any questions or comments about this advisory: * Open an issue in XStream * Contact us at XStream Google Group
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "com.thoughtworks.xstream:xstream"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.4.18"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2021-39140"
],
"database_specific": {
"cwe_ids": [
"CWE-502",
"CWE-835"
],
"github_reviewed": true,
"github_reviewed_at": "2021-08-23T18:22:01Z",
"nvd_published_at": "2021-08-23T19:15:00Z",
"severity": "MODERATE"
},
"details": "### Impact\nThe vulnerability may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resulting in a denial of service only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream\u0027s security framework with a whitelist limited to the minimal required types.\n\n### Patches\nXStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose.\n\n### Workarounds\nSee [workarounds](https://x-stream.github.io/security.html#workaround) for the different versions covering all CVEs.\n\n### References\nSee full information about the nature of the vulnerability and the steps to reproduce it in XStream\u0027s documentation for [CVE-2021-39140](https://x-stream.github.io/CVE-2021-39140.html).\n\n### Credits\nThe vulnerability was discovered and reported by Lai Han of nsfocus security team.\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Open an issue in [XStream](https://github.com/x-stream/xstream/issues)\n* Contact us at [XStream Google Group](https://groups.google.com/group/xstream-user)\n",
"id": "GHSA-6wf9-jmg9-vxcc",
"modified": "2022-02-08T20:59:06Z",
"published": "2021-08-25T14:48:39Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/x-stream/xstream/security/advisories/GHSA-6wf9-jmg9-vxcc"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-39140"
},
{
"type": "PACKAGE",
"url": "https://github.com/x-stream/xstream"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00017.html"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/22KVR6B5IZP3BGQ3HPWIO2FWWCKT3DHP"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PVPHZA7VW2RRSDCOIPP2W6O5ND254TU7"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QGXIU3YDPG6OGTDHMBLAFN7BPBERXREB"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20210923-0003"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2021/dsa-5004"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"type": "WEB",
"url": "https://x-stream.github.io/CVE-2021-39140.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "XStream can cause a Denial of Service"
}
GHSA-6XGJ-C5FX-5V57
Vulnerability from github – Published: 2025-03-20 12:32 – Updated: 2025-03-21 16:17A Denial of Service (DoS) vulnerability in the multipart request boundary processing mechanism of eosphoros-ai/db-gpt v0.6.0 allows unauthenticated attackers to cause excessive resource consumption. The server fails to handle excessive characters appended to the end of multipart boundaries, leading to an infinite loop and complete denial of service for all users. This vulnerability affects all endpoints processing multipart/form-data requests.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "dbgpt"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "0.6.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-10829"
],
"database_specific": {
"cwe_ids": [
"CWE-400",
"CWE-835"
],
"github_reviewed": true,
"github_reviewed_at": "2025-03-21T16:17:52Z",
"nvd_published_at": "2025-03-20T10:15:20Z",
"severity": "HIGH"
},
"details": "A Denial of Service (DoS) vulnerability in the multipart request boundary processing mechanism of eosphoros-ai/db-gpt v0.6.0 allows unauthenticated attackers to cause excessive resource consumption. The server fails to handle excessive characters appended to the end of multipart boundaries, leading to an infinite loop and complete denial of service for all users. This vulnerability affects all endpoints processing multipart/form-data requests.",
"id": "GHSA-6xgj-c5fx-5v57",
"modified": "2025-03-21T16:17:52Z",
"published": "2025-03-20T12:32:40Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10829"
},
{
"type": "PACKAGE",
"url": "https://github.com/eosphoros-ai/DB-GPT"
},
{
"type": "WEB",
"url": "https://huntr.com/bounties/e3a4a0ad-a2e0-497f-a2e0-e3c0ec7c4de4"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "DB-GPT Uncontrolled Resource Consumption vulnerability"
}
GHSA-6XVV-489Q-R47W
Vulnerability from github – Published: 2022-05-13 01:53 – Updated: 2022-05-13 01:53In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-thread.c had an infinite loop that was addressed by using a correct integer data type.
{
"affected": [],
"aliases": [
"CVE-2018-7330"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-02-23T22:29:00Z",
"severity": "HIGH"
},
"details": "In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-thread.c had an infinite loop that was addressed by using a correct integer data type.",
"id": "GHSA-6xvv-489q-r47w",
"modified": "2022-05-13T01:53:21Z",
"published": "2022-05-13T01:53:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7330"
},
{
"type": "WEB",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14428"
},
{
"type": "WEB",
"url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=8ad0c5b3683a17d9e2e16bbf25869140fd5c1c66"
},
{
"type": "WEB",
"url": "https://www.wireshark.org/security/wnpa-sec-2018-06.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/103158"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.