Vulnerabilities > Uncontrolled Recursion

DATE CVE VULNERABILITY TITLE RISK
2023-01-21 CVE-2023-22617 Uncontrolled Recursion vulnerability in Powerdns Recursor 4.8.0
A remote attacker might be able to cause infinite recursion in PowerDNS Recursor 4.8.0 via a DNS query that retrieves DS records for a misconfigured domain, because QName minimization is used in QM fallback mode.
network
low complexity
powerdns CWE-674
7.5
2023-01-05 CVE-2022-47662 Uncontrolled Recursion vulnerability in Gpac 2.1Devrev649Ga8F438D20
GPAC MP4Box 2.1-DEV-rev649-ga8f438d20 has a segment fault (/stack overflow) due to infinite recursion in Media_GetSample isomedia/media.c:662
local
low complexity
gpac CWE-674
5.5
2022-12-14 CVE-2022-23516 Loofah is a general library for manipulating and transforming HTML/XML documents and fragments, built on top of Nokogiri.
network
low complexity
CWE-674
7.5
2022-12-14 CVE-2022-23500 TYPO3 is an open source PHP based web content management system.
network
low complexity
CWE-674
7.5
2022-12-12 CVE-2022-41881 Uncontrolled Recursion vulnerability in Netty
Netty project is an event-driven asynchronous network application framework.
network
low complexity
netty CWE-674
7.5
2022-12-04 CVE-2022-46405 Uncontrolled Recursion vulnerability in Joinmastodon Mastodon
Mastodon through 4.0.2 allows attackers to cause a denial of service (large Sidekiq pull queue) by creating bot accounts that follow attacker-controlled accounts on certain other servers associated with a wildcard DNS A record, such that there is uncontrolled recursion of attacker-generated messages.
network
low complexity
joinmastodon CWE-674
7.5
2022-11-01 CVE-2022-42321 Uncontrolled Recursion vulnerability in multiple products
Xenstore: Guests can crash xenstored via exhausting the stack Xenstored is using recursion for some Xenstore operations (e.g.
local
low complexity
xen debian fedoraproject CWE-674
6.5
2022-10-06 CVE-2022-27810 Uncontrolled Recursion vulnerability in Facebook Hermes
It was possible to trigger an infinite recursion condition in the error handler when Hermes executed specific maliciously formed JavaScript.
network
low complexity
facebook CWE-674
7.5
2022-09-28 CVE-2022-31628 Uncontrolled Recursion vulnerability in multiple products
In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop.
local
low complexity
php fedoraproject debian CWE-674
5.5
2022-09-19 CVE-2022-28201 Uncontrolled Recursion vulnerability in multiple products
An issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2.
local
low complexity
mediawiki debian CWE-674
4.4