• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-674

CVE-2022-47662

February 23, 2023 by godfreyd94

GPAC MP4Box 2.1-DEV-rev649-ga8f438d20 has a segment fault (/stack overflow) due to infinite recursion in Media_GetSample isomedia/media.c:662

CVE-2022-46405

February 23, 2023 by godfreyd94

Mastodon through 4.0.2 allows attackers to cause a denial of service (large Sidekiq pull queue) by creating bot accounts that follow attacker-controlled accounts on certain other servers associated with a wildcard DNS A record, such that there is uncontrolled recursion of attacker-generated messages.

CVE-2022-42321

February 23, 2023 by godfreyd94

Xenstore: Guests can crash xenstored via exhausting the stack Xenstored is using recursion for some Xenstore operations (e.g. for deleting a sub-tree of Xenstore nodes). With sufficiently deep nesting levels this can result in stack exhaustion on xenstored, leading to a crash of xenstored.

CVE-2022-41881

February 23, 2023 by godfreyd94

Netty project is an event-driven asynchronous network application framework. In versions prior to 4.1.86.Final, a StackOverflowError can be raised when parsing a malformed crafted message due to an infinite recursion. This issue is patched in version 4.1.86.Final. There is no workaround, except using a custom HaProxyMessageDecoder.

CVE-2022-38334

February 23, 2023 by godfreyd94

XPDF v4.04 and earlier was discovered to contain a stack overflow via the function Catalog::countPageTree() at Catalog.cc.

CVE-2022-37315

February 23, 2023 by godfreyd94

graphql-go (aka GraphQL for Go) through 0.8.0 has infinite recursion in the type definition parser.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 22
  • Go to page 23
  • Go to page 24
  • Go to page 25
  • Go to page 26
  • Interim pages omitted …
  • Go to page 28
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE