CWE-834
DiscouragedExcessive Iteration
Abstraction: Class · Status: Incomplete
The product performs an iteration or loop without sufficiently limiting the number of times that the loop is executed.
124 vulnerabilities reference this CWE, most recent first.
GHSA-VR63-X8VC-M265
Vulnerability from github – Published: 2025-10-22 19:40 – Updated: 2025-10-23 17:40Impact
An attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires parsing the content stream of a page which has an inline image using the DCTDecode filter.
Patches
This has been fixed in pypdf==6.1.3.
Workarounds
If you cannot upgrade yet, consider applying the changes from PR #3501.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "pypdf"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.1.3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-62707"
],
"database_specific": {
"cwe_ids": [
"CWE-834"
],
"github_reviewed": true,
"github_reviewed_at": "2025-10-22T19:40:47Z",
"nvd_published_at": "2025-10-22T22:15:35Z",
"severity": "MODERATE"
},
"details": "### Impact\n\nAn attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires parsing the content stream of a page which has an inline image using the DCTDecode filter.\n\n### Patches\nThis has been fixed in [pypdf==6.1.3](https://github.com/py-pdf/pypdf/releases/tag/6.1.3).\n\n### Workarounds\nIf you cannot upgrade yet, consider applying the changes from PR [#3501](https://github.com/py-pdf/pypdf/pull/3501).",
"id": "GHSA-vr63-x8vc-m265",
"modified": "2025-10-23T17:40:35Z",
"published": "2025-10-22T19:40:47Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-vr63-x8vc-m265"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62707"
},
{
"type": "WEB",
"url": "https://github.com/py-pdf/pypdf/pull/3501"
},
{
"type": "WEB",
"url": "https://github.com/py-pdf/pypdf/commit/f2864d6dd9bac7cecd3f4f54308b25ebbfa178f8"
},
{
"type": "PACKAGE",
"url": "https://github.com/py-pdf/pypdf"
},
{
"type": "WEB",
"url": "https://github.com/py-pdf/pypdf/releases/tag/6.1.3"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U",
"type": "CVSS_V4"
}
],
"summary": "pypdf possibly loops infinitely when reading DCT inline images without EOF marker"
}
GHSA-VWRX-GCWC-3W8C
Vulnerability from github – Published: 2022-05-13 01:43 – Updated: 2022-05-13 01:43In FFmpeg 3.3.3, a DoS in asf_read_marker() due to lack of an EOF (End of File) check might cause huge CPU and memory consumption. When a crafted ASF file, which claims a large "name_len" or "count" field in the header but does not contain sufficient backing data, is provided, the loops over the name and markers would consume huge CPU and memory resources, since there is no EOF check inside these loops.
{
"affected": [],
"aliases": [
"CVE-2017-14057"
],
"database_specific": {
"cwe_ids": [
"CWE-834"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-08-31T15:29:00Z",
"severity": "HIGH"
},
"details": "In FFmpeg 3.3.3, a DoS in asf_read_marker() due to lack of an EOF (End of File) check might cause huge CPU and memory consumption. When a crafted ASF file, which claims a large \"name_len\" or \"count\" field in the header but does not contain sufficient backing data, is provided, the loops over the name and markers would consume huge CPU and memory resources, since there is no EOF check inside these loops.",
"id": "GHSA-vwrx-gcwc-3w8c",
"modified": "2022-05-13T01:43:18Z",
"published": "2022-05-13T01:43:18Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14057"
},
{
"type": "WEB",
"url": "https://github.com/FFmpeg/FFmpeg/commit/7f9ec5593e04827249e7aeb466da06a98a0d7329"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2019/01/msg00006.html"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2017/dsa-3996"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/100630"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-W275-M8CR-HF2V
Vulnerability from github – Published: 2024-02-08 06:30 – Updated: 2024-10-02 18:38The IFrame widget in Liferay Portal 7.2.0 through 7.4.3.26, and older unsupported versions, and Liferay DXP 7.4 before update 27, 7.3 before update 6, 7.2 before fix pack 19, and older unsupported versions does not check the URL of the IFrame, which allows remote authenticated users to cause a denial-of-service (DoS) via a self referencing IFrame.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "com.liferay.portal:release.portal.bom"
},
"ranges": [
{
"events": [
{
"introduced": "7.2.0"
},
{
"fixed": "7.4.3.27"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "com.liferay.portal:release.dxp.bom"
},
"ranges": [
{
"events": [
{
"introduced": "7.2.0"
},
{
"fixed": "7.2.10.fp19"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "com.liferay.portal:release.dxp.bom"
},
"ranges": [
{
"events": [
{
"introduced": "7.3.0"
},
{
"fixed": "7.3.10.u6"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "com.liferay.portal:release.dxp.bom"
},
"ranges": [
{
"events": [
{
"introduced": "7.4.0"
},
{
"fixed": "7.4.13.u27"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-25144"
],
"database_specific": {
"cwe_ids": [
"CWE-834",
"CWE-835"
],
"github_reviewed": true,
"github_reviewed_at": "2024-02-08T18:26:20Z",
"nvd_published_at": "2024-02-08T04:15:07Z",
"severity": "MODERATE"
},
"details": "The IFrame widget in Liferay Portal 7.2.0 through 7.4.3.26, and older unsupported versions, and Liferay DXP 7.4 before update 27, 7.3 before update 6, 7.2 before fix pack 19, and older unsupported versions does not check the URL of the IFrame, which allows remote authenticated users to cause a denial-of-service (DoS) via a self referencing IFrame.",
"id": "GHSA-w275-m8cr-hf2v",
"modified": "2024-10-02T18:38:40Z",
"published": "2024-02-08T06:30:23Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25144"
},
{
"type": "PACKAGE",
"url": "https://github.com/liferay/liferay-portal"
},
{
"type": "WEB",
"url": "https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2024-25144"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:L",
"type": "CVSS_V4"
}
],
"summary": "Liferay Portal denial-of-service vulnerability"
}
GHSA-W422-W3VF-F63F
Vulnerability from github – Published: 2022-05-24 17:47 – Updated: 2022-05-24 17:47In TP-Link TL-XDR3230 < 1.0.12, TL-XDR1850 < 1.0.9, TL-XDR1860 < 1.0.14, TL-XDR3250 < 1.0.2, TL-XDR6060 Turbo < 1.1.8, TL-XDR5430 < 1.0.11, and possibly others, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its upstream ISP's router. This occurs when a link prefix route points to a point-to-point link, a destination IPv6 address belongs to the prefix and is not a local IPv6 address, and a router advertisement is received with at least one global unique IPv6 prefix for which the on-link flag is set.
{
"affected": [],
"aliases": [
"CVE-2021-3125"
],
"database_specific": {
"cwe_ids": [
"CWE-834"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-04-12T19:15:00Z",
"severity": "HIGH"
},
"details": "In TP-Link TL-XDR3230 \u003c 1.0.12, TL-XDR1850 \u003c 1.0.9, TL-XDR1860 \u003c 1.0.14, TL-XDR3250 \u003c 1.0.2, TL-XDR6060 Turbo \u003c 1.1.8, TL-XDR5430 \u003c 1.0.11, and possibly others, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its upstream ISP\u0027s router. This occurs when a link prefix route points to a point-to-point link, a destination IPv6 address belongs to the prefix and is not a local IPv6 address, and a router advertisement is received with at least one global unique IPv6 prefix for which the on-link flag is set.",
"id": "GHSA-w422-w3vf-f63f",
"modified": "2022-05-24T17:47:09Z",
"published": "2022-05-24T17:47:09Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3125"
},
{
"type": "WEB",
"url": "https://service.tp-link.com.cn/detail_download_8719.html"
},
{
"type": "WEB",
"url": "https://service.tp-link.com.cn/detail_download_8720.html"
},
{
"type": "WEB",
"url": "https://service.tp-link.com.cn/detail_download_8722.html"
},
{
"type": "WEB",
"url": "https://service.tp-link.com.cn/detail_download_8723.html"
},
{
"type": "WEB",
"url": "https://service.tp-link.com.cn/detail_download_8724.html"
},
{
"type": "WEB",
"url": "https://service.tp-link.com.cn/detail_download_8725.html"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-W879-475F-RQQC
Vulnerability from github – Published: 2022-05-13 01:44 – Updated: 2022-05-13 01:44A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unauthenticated, local user, to create a fork bomb scenario, also known as a rabbit virus, or wabbit, which will create processes that replicate themselves, until all resources are consumed on the system, leading to a denial of service to the entire system until it is restarted. Continued attacks by an unauthenticated, local user, can lead to persistent denials of services.
{
"affected": [],
"aliases": [
"CVE-2017-2330"
],
"database_specific": {
"cwe_ids": [
"CWE-834"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-04-24T15:59:00Z",
"severity": "MODERATE"
},
"details": "A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unauthenticated, local user, to create a fork bomb scenario, also known as a rabbit virus, or wabbit, which will create processes that replicate themselves, until all resources are consumed on the system, leading to a denial of service to the entire system until it is restarted. Continued attacks by an unauthenticated, local user, can lead to persistent denials of services.",
"id": "GHSA-w879-475f-rqqc",
"modified": "2022-05-13T01:44:46Z",
"published": "2022-05-13T01:44:46Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2330"
},
{
"type": "WEB",
"url": "https://kb.juniper.net/JSA10783"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/97618"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-WGVP-VG3V-2XQ3
Vulnerability from github – Published: 2026-02-18 22:41 – Updated: 2026-02-23 22:20Impact
An attacker who uses this vulnerability can craft a PDF which leads to long runtimes and large memory consumption. This requires parsing the /ToUnicode entry of a font with unusually large values, for example during text extraction.
Patches
This has been fixed in pypdf==6.7.1.
Workarounds
If you cannot upgrade yet, consider applying the changes from PR #3646.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "pypdf"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.7.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-27025"
],
"database_specific": {
"cwe_ids": [
"CWE-834"
],
"github_reviewed": true,
"github_reviewed_at": "2026-02-18T22:41:13Z",
"nvd_published_at": "2026-02-20T22:16:28Z",
"severity": "MODERATE"
},
"details": "### Impact\n\nAn attacker who uses this vulnerability can craft a PDF which leads to long runtimes and large memory consumption. This requires parsing the `/ToUnicode` entry of a font with unusually large values, for example during text extraction.\n\n### Patches\n\nThis has been fixed in [pypdf==6.7.1](https://github.com/py-pdf/pypdf/releases/tag/6.7.1).\n\n### Workarounds\n\nIf you cannot upgrade yet, consider applying the changes from PR [#3646](https://github.com/py-pdf/pypdf/pull/3646).",
"id": "GHSA-wgvp-vg3v-2xq3",
"modified": "2026-02-23T22:20:51Z",
"published": "2026-02-18T22:41:13Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-wgvp-vg3v-2xq3"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27025"
},
{
"type": "WEB",
"url": "https://github.com/py-pdf/pypdf/pull/3646"
},
{
"type": "WEB",
"url": "https://github.com/py-pdf/pypdf/commit/77d7b8d7cfbe8dd179858dfa42666f73fc6e57a2"
},
{
"type": "PACKAGE",
"url": "https://github.com/py-pdf/pypdf"
},
{
"type": "WEB",
"url": "https://github.com/py-pdf/pypdf/releases/tag/6.7.1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "pypdf has possible long runtimes/large memory usage for large /ToUnicode streams"
}
GHSA-WJ72-W3G7-F3JQ
Vulnerability from github – Published: 2022-05-13 01:42 – Updated: 2025-04-20 03:41In Wireshark 2.0.0 to 2.0.13, the GPRS LLC dissector could go into a large loop. This was addressed in epan/dissectors/packet-gprs-llc.c by using a different integer data type.
{
"affected": [],
"aliases": [
"CVE-2017-11409"
],
"database_specific": {
"cwe_ids": [
"CWE-834"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-07-18T21:29:00Z",
"severity": "HIGH"
},
"details": "In Wireshark 2.0.0 to 2.0.13, the GPRS LLC dissector could go into a large loop. This was addressed in epan/dissectors/packet-gprs-llc.c by using a different integer data type.",
"id": "GHSA-wj72-w3g7-f3jq",
"modified": "2025-04-20T03:41:04Z",
"published": "2022-05-13T01:42:18Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11409"
},
{
"type": "WEB",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13603"
},
{
"type": "WEB",
"url": "https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=57b83bbbd76f543eb8d108919f13b662910bff9a"
},
{
"type": "WEB",
"url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=57b83bbbd76f543eb8d108919f13b662910bff9a"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2019/01/msg00010.html"
},
{
"type": "WEB",
"url": "https://www.wireshark.org/security/wnpa-sec-2017-37.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/99914"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1038966"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-WQW9-VMHV-JG2W
Vulnerability from github – Published: 2022-05-24 17:47 – Updated: 2022-05-24 17:47In Gargoyle OS 1.12.0, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its upstream ISP's router. This occurs when a link prefix route points to a point-to-point link, a destination IPv6 address belongs to the prefix and is not a local IPv6 address, and a router advertisement is received with at least one global unique IPv6 prefix for which the on-link flag is set.
{
"affected": [],
"aliases": [
"CVE-2021-23270"
],
"database_specific": {
"cwe_ids": [
"CWE-834"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-04-12T19:15:00Z",
"severity": "HIGH"
},
"details": "In Gargoyle OS 1.12.0, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its upstream ISP\u0027s router. This occurs when a link prefix route points to a point-to-point link, a destination IPv6 address belongs to the prefix and is not a local IPv6 address, and a router advertisement is received with at least one global unique IPv6 prefix for which the on-link flag is set.",
"id": "GHSA-wqw9-vmhv-jg2w",
"modified": "2022-05-24T17:47:07Z",
"published": "2022-05-24T17:47:07Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23270"
},
{
"type": "WEB",
"url": "https://github.com/ericpaulbishop/gargoyle/commit/24afe944a6ffff53d84a748384e276a4e95912ec"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-WVP3-F576-FPV8
Vulnerability from github – Published: 2024-08-07 18:30 – Updated: 2025-11-04 00:31In the Linux kernel, the following vulnerability has been resolved:
firmware: cs_dsp: Validate payload length before processing block
Move the payload length check in cs_dsp_load() and cs_dsp_coeff_load() to be done before the block is processed.
The check that the length of a block payload does not exceed the number of remaining bytes in the firwmware file buffer was being done near the end of the loop iteration. However, some code before that check used the length field without validating it.
{
"affected": [],
"aliases": [
"CVE-2024-42237"
],
"database_specific": {
"cwe_ids": [
"CWE-834"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-08-07T16:15:46Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: cs_dsp: Validate payload length before processing block\n\nMove the payload length check in cs_dsp_load() and cs_dsp_coeff_load()\nto be done before the block is processed.\n\nThe check that the length of a block payload does not exceed the number\nof remaining bytes in the firwmware file buffer was being done near the\nend of the loop iteration. However, some code before that check used the\nlength field without validating it.",
"id": "GHSA-wvp3-f576-fpv8",
"modified": "2025-11-04T00:31:10Z",
"published": "2024-08-07T18:30:43Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-42237"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/259955eca9b7acf1299b1ac077d8cfbe12df35d8"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/3a9cd924aec1288d675df721f244da4dd7e16cff"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/6598afa9320b6ab13041616950ca5f8f938c0cf1"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/71d9e313d8f7e18c543a9c80506fe6b1eb1fe0c8"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-X4RG-4545-4W7W
Vulnerability from github – Published: 2022-02-15 01:57 – Updated: 2021-11-03 14:59Go Facebook Thrift servers would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short messages which would take a long time for the server to parse, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2019.03.04.00.
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/facebook/fbthrift"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.31.1-0.20190225164308-c461c1bd1a3e"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2019-3564"
],
"database_specific": {
"cwe_ids": [
"CWE-20",
"CWE-755",
"CWE-834"
],
"github_reviewed": true,
"github_reviewed_at": "2021-05-17T15:32:10Z",
"nvd_published_at": "2019-05-06T16:29:00Z",
"severity": "HIGH"
},
"details": "Go Facebook Thrift servers would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short messages which would take a long time for the server to parse, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2019.03.04.00.",
"id": "GHSA-x4rg-4545-4w7w",
"modified": "2021-11-03T14:59:45Z",
"published": "2022-02-15T01:57:18Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3564"
},
{
"type": "WEB",
"url": "https://github.com/facebook/fbthrift/commit/c461c1bd1a3e130b181aa9c854da3030cd4b5156"
},
{
"type": "PACKAGE",
"url": "https://github.com/facebook/fbthrift"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26@%3Ccommits.pulsar.apache.org%3E"
},
{
"type": "WEB",
"url": "https://pkg.go.dev/vuln/GO-2021-0088"
},
{
"type": "WEB",
"url": "https://www.facebook.com/security/advisories/cve-2019-3564"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "Improper Input Validation and Excessive Iteration in Go Facebook Thrift"
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.