Vulnerabilities > Uncontrolled Recursion
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-22 | CVE-2023-1436 | Uncontrolled Recursion vulnerability in Jettison Project Jettison An infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. | 7.5 |
| 2023-03-06 | CVE-2021-36395 | Uncontrolled Recursion vulnerability in Moodle In Moodle, the file repository's URL parsing required additional recursion handling to mitigate the risk of recursion denial of service. | 7.5 |
| 2023-02-01 | CVE-2022-37034 | Uncontrolled Recursion vulnerability in Dotcms In dotCMS 5.x-22.06, it is possible to call the TempResource multiple times, each time requesting the dotCMS server to download a large file. | 5.3 |
| 2023-01-21 | CVE-2023-22617 | Uncontrolled Recursion vulnerability in Powerdns Recursor 4.8.0 A remote attacker might be able to cause infinite recursion in PowerDNS Recursor 4.8.0 via a DNS query that retrieves DS records for a misconfigured domain, because QName minimization is used in QM fallback mode. | 7.5 |
| 2023-01-05 | CVE-2022-47662 | Uncontrolled Recursion vulnerability in Gpac GPAC MP4Box 2.1-DEV-rev649-ga8f438d20 has a segment fault (/stack overflow) due to infinite recursion in Media_GetSample isomedia/media.c:662 | 5.5 |
| 2022-12-28 | CVE-2022-41966 | Uncontrolled Recursion vulnerability in Xstream Project Xstream XStream serializes Java objects to XML and back again. | 7.5 |
| 2022-12-12 | CVE-2022-41881 | Uncontrolled Recursion vulnerability in multiple products Netty project is an event-driven asynchronous network application framework. | 7.5 |
| 2022-12-04 | CVE-2022-46405 | Uncontrolled Recursion vulnerability in Joinmastodon Mastodon Mastodon through 4.0.2 allows attackers to cause a denial of service (large Sidekiq pull queue) by creating bot accounts that follow attacker-controlled accounts on certain other servers associated with a wildcard DNS A record, such that there is uncontrolled recursion of attacker-generated messages. | 7.5 |
| 2022-11-01 | CVE-2022-42321 | Uncontrolled Recursion vulnerability in multiple products Xenstore: Guests can crash xenstored via exhausting the stack Xenstored is using recursion for some Xenstore operations (e.g. | 6.5 |
| 2022-10-06 | CVE-2022-27810 | Uncontrolled Recursion vulnerability in Facebook Hermes It was possible to trigger an infinite recursion condition in the error handler when Hermes executed specific maliciously formed JavaScript. | 7.5 |