Vulnerabilities > Loop with Unreachable Exit Condition ('Infinite Loop')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-29 | CVE-2023-50570 | Infinite Loop vulnerability in Seancfoley Ipaddress 5.1.0 An issue in the component IPAddressBitsDivision of IPAddress v5.1.0 leads to an infinite loop. | 5.5 |
| 2023-12-27 | CVE-2023-51075 | Infinite Loop vulnerability in Hutool 5.8.23 hutool-core v5.8.23 was discovered to contain an infinite loop in the StrSplitter.splitByRegex function. | 7.5 |
| 2023-12-18 | CVE-2023-50981 | Infinite Loop vulnerability in Cryptopp Crypto++ ModularSquareRoot in Crypto++ (aka cryptopp) through 8.9.0 allows attackers to cause a denial of service (infinite loop) via crafted DER public-key data associated with squared odd numbers, such as the square of 268995137513890432434389773128616504853. | 7.5 |
| 2023-12-08 | CVE-2023-6245 | Infinite Loop vulnerability in Dfinity Candid The Candid library causes a Denial of Service while parsing a specially crafted payload with 'empty' data type. | 7.5 |
| 2023-11-29 | CVE-2023-40458 | Infinite Loop vulnerability in Sierrawireless Aleos Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Sierra Wireless, Inc ALEOS could potentially allow a remote attacker to trigger a Denial of Service (DoS) condition for ACEManager without impairing other router functions. | 7.5 |
| 2023-11-07 | CVE-2023-46737 | Infinite Loop vulnerability in Sigstore Cosign Cosign is a sigstore signing tool for OCI containers. | 5.3 |
| 2023-11-01 | CVE-2023-1718 | Infinite Loop vulnerability in Bitrix24 22.0.300 Improper file stream access in /desktop_app/file.ajax.php?action=uploadfile in Bitrix24 22.0.300 allows unauthenticated remote attackers to cause denial-of-service via a crafted "tmp_url". | 7.5 |
| 2023-10-31 | CVE-2023-46250 | Infinite Loop vulnerability in Pypdf Project Pypdf pypdf is a free and open-source pure-python PDF library. | 5.5 |
| 2023-10-13 | CVE-2023-44181 | Infinite Loop vulnerability in Juniper Junos An Improperly Implemented Security Check for Standard vulnerability in storm control of Juniper Networks Junos OS QFX5k devices allows packets to be punted to ARP queue causing a l2 loop resulting in a DDOS violations and DDOS syslog. This issue is triggered when Storm control is enabled and ICMPv6 packets are present on device. This issue affects Juniper Networks: Junos OS * All versions prior to 20.2R3-S6 on QFX5k; * 20.3 versions prior to 20.3R3-S5 on QFX5k; * 20.4 versions prior to 20.4R3-S5 on QFX5k; * 21.1 versions prior to 21.1R3-S4 on QFX5k; * 21.2 versions prior to 21.2R3-S3 on QFX5k; * 21.3 versions prior to 21.3R3-S2 on QFX5k; * 21.4 versions prior to 21.4R3 on QFX5k; * 22.1 versions prior to 22.1R3 on QFX5k; * 22.2 versions prior to 22.2R2 on QFX5k. | 7.5 |
| 2023-10-12 | CVE-2023-22325 | Infinite Loop vulnerability in Softether VPN 4.419782/5.01.9674/5.02 A denial of service vulnerability exists in the DCRegister DDNS_RPC_MAX_RECV_SIZE functionality of SoftEther VPN 4.41-9782-beta, 5.01.9674 and 5.02. | 5.9 |