Vulnerabilities > Uncontrolled Recursion

DATE CVE VULNERABILITY TITLE RISK
2021-03-11 CVE-2020-1898 Uncontrolled Recursion vulnerability in Facebook Hhvm
The fb_unserialize function did not impose a depth limit for nested deserialization.
network
low complexity
facebook CWE-674
7.5
7.5
2021-03-09 CVE-2021-20255 Uncontrolled Recursion vulnerability in multiple products
A stack overflow via an infinite recursion vulnerability was found in the eepro100 i8255x device emulator of QEMU.
local
low complexity
qemu debian CWE-674
5.5
5.5
2021-03-05 CVE-2021-28040 Uncontrolled Recursion vulnerability in Ossec 3.6.0
An issue was discovered in OSSEC 3.6.0.
network
low complexity
ossec CWE-674
7.5
7.5
2020-12-15 CVE-2020-29566 Uncontrolled Recursion vulnerability in multiple products
An issue was discovered in Xen through 4.14.x.
local
low complexity
xen debian fedoraproject CWE-674
5.5
5.5
2020-12-14 CVE-2020-8285 Uncontrolled Recursion vulnerability in multiple products
curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing. 		7.5
7.5
2020-11-06 CVE-2020-26883 Uncontrolled Recursion vulnerability in Lightbend Play Framework
In Play Framework 2.6.0 through 2.8.2, stack consumption can occur because of unbounded recursion during parsing of crafted JSON documents.
network
low complexity
lightbend CWE-674
7.5
7.5
2020-11-06 CVE-2020-26882 Uncontrolled Recursion vulnerability in Lightbend Play Framework
In Play Framework 2.6.0 through 2.8.2, data amplification can occur when an application accepts multipart/form-data JSON input.
network
low complexity
lightbend CWE-674
7.5
7.5
2020-11-06 CVE-2020-28196 Uncontrolled Recursion vulnerability in multiple products
MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit.
network
low complexity
mit fedoraproject netapp oracle CWE-674
7.5
7.5
2020-11-06 CVE-2020-28242 Uncontrolled Recursion vulnerability in multiple products
An issue was discovered in Asterisk Open Source 13.x before 13.37.1, 16.x before 16.14.1, 17.x before 17.8.1, and 18.x before 18.0.1 and Certified Asterisk before 16.8-cert5.
network
low complexity
asterisk sangoma fedoraproject debian CWE-674
6.5
6.5
2020-11-02 CVE-2020-9861 Uncontrolled Recursion vulnerability in Apple Swift
A stack overflow issue existed in Swift for Linux.
network
low complexity
apple CWE-674
7.5
7.5