An external attacker is able to send a specially crafted email (with many recipients) and trigger a potential DoS of the system
CWE-835
CVE-2022-37768
libjpeg commit 281daa9 was discovered to contain an infinite loop via the component Frame::ParseTrailer.
CVE-2022-36313
An issue was discovered in the file-type package before 16.5.4 and 17.x before 17.1.3 for Node.js. A malformed MKV file could cause the file type detector to get caught in an infinite loop. This would make the application become unresponsive and could be used to cause a DoS attack.
CVE-2022-35724
It is possible to provide data to be read that leads the reader to loop in cycles endlessly, consuming CPU. This issue affects Rust applications using Apache Avro Rust SDK prior to 0.14.0 (previously known as avro-rs). Users should update to apache-avro version 0.14.0 which addresses this issue.
CVE-2022-35165
An issue in AP4_SgpdAtom::AP4_SgpdAtom() of Bento4-1.6.0-639 allows attackers to cause a Denial of Service (DoS) via a crafted mp4 input.
CVE-2022-35166
libjpeg commit 842c7ba was discovered to contain an infinite loop via the component JPEG::ReadInternal.