Vulnerabilities > Uncontrolled Recursion
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-21 | CVE-2023-22617 | Uncontrolled Recursion vulnerability in Powerdns Recursor 4.8.0 A remote attacker might be able to cause infinite recursion in PowerDNS Recursor 4.8.0 via a DNS query that retrieves DS records for a misconfigured domain, because QName minimization is used in QM fallback mode. | 7.5 |
| 2023-01-05 | CVE-2022-47662 | Uncontrolled Recursion vulnerability in Gpac GPAC MP4Box 2.1-DEV-rev649-ga8f438d20 has a segment fault (/stack overflow) due to infinite recursion in Media_GetSample isomedia/media.c:662 | 5.5 |
| 2022-12-28 | CVE-2022-41966 | Uncontrolled Recursion vulnerability in Xstream Project Xstream XStream serializes Java objects to XML and back again. | 7.5 |
| 2022-12-12 | CVE-2022-41881 | Uncontrolled Recursion vulnerability in multiple products Netty project is an event-driven asynchronous network application framework. | 7.5 |
| 2022-12-04 | CVE-2022-46405 | Uncontrolled Recursion vulnerability in Joinmastodon Mastodon Mastodon through 4.0.2 allows attackers to cause a denial of service (large Sidekiq pull queue) by creating bot accounts that follow attacker-controlled accounts on certain other servers associated with a wildcard DNS A record, such that there is uncontrolled recursion of attacker-generated messages. | 7.5 |
| 2022-11-01 | CVE-2022-42321 | Uncontrolled Recursion vulnerability in multiple products Xenstore: Guests can crash xenstored via exhausting the stack Xenstored is using recursion for some Xenstore operations (e.g. | 6.5 |
| 2022-10-06 | CVE-2022-27810 | Uncontrolled Recursion vulnerability in Facebook Hermes It was possible to trigger an infinite recursion condition in the error handler when Hermes executed specific maliciously formed JavaScript. | 7.5 |
| 2022-09-19 | CVE-2022-28201 | Uncontrolled Recursion vulnerability in multiple products An issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. | 4.4 |
| 2022-09-16 | CVE-2022-40150 | Uncontrolled Recursion vulnerability in multiple products Those using Jettison to parse untrusted XML or JSON data may be vulnerable to Denial of Service attacks (DOS). | 7.5 |
| 2022-09-15 | CVE-2022-38334 | Uncontrolled Recursion vulnerability in Xpdfreader Xpdf XPDF v4.04 and earlier was discovered to contain a stack overflow via the function Catalog::countPageTree() at Catalog.cc. | 5.5 |