Vulnerabilities > Loop with Unreachable Exit Condition ('Infinite Loop')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-11 | CVE-2021-27918 | Infinite Loop vulnerability in Golang GO encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. | 7.5 |
| 2021-02-26 | CVE-2020-27618 | Infinite Loop vulnerability in multiple products The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a denial of service, a different vulnerability from CVE-2016-10228. | 5.5 |
| 2021-02-11 | CVE-2020-9307 | Infinite Loop vulnerability in Belden Hirschmann Hios 07.0.04/08.0.00 Hirschmann OS2, RSP, and RSPE devices before HiOS 08.3.00 allow a denial of service. | 6.5 |
| 2021-02-08 | CVE-2020-24944 | Infinite Loop vulnerability in Privateoctopus Picoquic picoquic (before 3rd of July 2020) allows attackers to cause a denial of service (infinite loop) via a crafted QUIC frame, related to the picoquic_decode_frames and picoquic_decode_stream_frame functions and epoch==3. | 7.5 |
| 2021-02-07 | CVE-2021-22161 | Infinite Loop vulnerability in Openwrt In OpenWrt 19.07.x before 19.07.7, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its upstream ISP's router. | 6.5 |
| 2021-01-26 | CVE-2020-36227 | Infinite Loop vulnerability in multiple products A flaw was discovered in OpenLDAP before 2.4.57 leading to an infinite loop in slapd with the cancel_extop Cancel operation, resulting in denial of service. | 7.5 |
| 2021-01-15 | CVE-2021-0221 | Infinite Loop vulnerability in Juniper Junos In an EVPN/VXLAN scenario, if an IRB interface with a virtual gateway address (VGA) is configured on a PE, a traffic loop may occur upon receipt of specific IP multicast traffic. | 6.5 |
| 2021-01-06 | CVE-2021-21235 | Infinite Loop vulnerability in Kamadak-Exif Project Kamadak-Exif 0.5.2 kamadak-exif is an exif parsing library written in pure Rust. | 6.5 |
| 2020-12-30 | CVE-2020-28095 | Infinite Loop vulnerability in Tenda Ac1200 Firmware 15.03.06.51Multi On Tenda AC1200 (Model AC6) 15.03.06.51_multi devices, a large HTTP POST request sent to the change password API will trigger the router to crash and enter an infinite boot loop. | 7.5 |
| 2020-12-26 | CVE-2020-29385 | Infinite Loop vulnerability in multiple products GNOME gdk-pixbuf (aka GdkPixbuf) before 2.42.2 allows a denial of service (infinite loop) in lzw.c in the function write_indexes. | 5.5 |