Common Weakness Enumeration

CWE-835

Allowed

Loop with Unreachable Exit Condition ('Infinite Loop')

Abstraction: Base · Status: Incomplete

The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

1057 vulnerabilities reference this CWE, most recent first.

GHSA-GMVF-RV8W-2HRH

Vulnerability from github – Published: 2024-09-04 15:30 – Updated: 2024-09-04 18:30
VLAI
Details

HAProxy 2.9.x before 2.9.10, 3.0.x before 3.0.4, and 3.1.x through 3.1-dev6 allows a remote denial of service.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-45506"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-09-04T15:15:14Z",
    "severity": "HIGH"
  },
  "details": "HAProxy 2.9.x before 2.9.10, 3.0.x before 3.0.4, and 3.1.x through 3.1-dev6 allows a remote denial of service.",
  "id": "GHSA-gmvf-rv8w-2hrh",
  "modified": "2024-09-04T18:30:57Z",
  "published": "2024-09-04T15:30:35Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45506"
    },
    {
      "type": "WEB",
      "url": "https://www.haproxy.org"
    },
    {
      "type": "WEB",
      "url": "https://www.haproxy.org/download/3.1/src/CHANGELOG"
    },
    {
      "type": "WEB",
      "url": "https://www.mail-archive.com/haproxy%40formilux.org/msg45280.html"
    },
    {
      "type": "WEB",
      "url": "https://www.mail-archive.com/haproxy%40formilux.org/msg45281.html"
    },
    {
      "type": "WEB",
      "url": "http://git.haproxy.org/?p=haproxy-3.0.git%3Ba=commitdiff%3Bh=c725db17e8416ffb3c1537aea756356228ce5e3c"
    },
    {
      "type": "WEB",
      "url": "http://git.haproxy.org/?p=haproxy-3.0.git%3Ba=commitdiff%3Bh=d636e515453320c6e122c313c661a8ac7d387c7f"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-GPMQ-FQJH-4PRC

Vulnerability from github – Published: 2022-05-13 01:13 – Updated: 2025-04-20 03:34
VLAI
Details

The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local OS guest privileged users to cause a denial of service (infinite loop and QEMU process crash) via vectors involving the transfer mode register during multi block transfer.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-5987"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-03-20T16:59:00Z",
    "severity": "MODERATE"
  },
  "details": "The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local OS guest privileged users to cause a denial of service (infinite loop and QEMU process crash) via vectors involving the transfer mode register during multi block transfer.",
  "id": "GHSA-gpmq-fqjh-4prc",
  "modified": "2025-04-20T03:34:30Z",
  "published": "2022-05-13T01:13:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5987"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1421995"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg02776.html"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/201704-01"
    },
    {
      "type": "WEB",
      "url": "http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=6e86d90352adf6cb08295255220295cf23c4286e"
    },
    {
      "type": "WEB",
      "url": "http://git.qemu-project.org/?p=qemu.git;a=commit;h=6e86d90352adf6cb08295255220295cf23c4286e"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2017/02/14/8"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/96263"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-GR26-QX48-Q4HH

Vulnerability from github – Published: 2025-03-27 18:31 – Updated: 2025-04-15 21:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

RDMA/core: Fix ib block iterator counter overflow

When registering a new DMA MR after selecting the best aligned page size for it, we iterate over the given sglist to split each entry to smaller, aligned to the selected page size, DMA blocks.

In given circumstances where the sg entry and page size fit certain sizes and the sg entry is not aligned to the selected page size, the total size of the aligned pages we need to cover the sg entry is >= 4GB. Under this circumstances, while iterating page aligned blocks, the counter responsible for counting how much we advanced from the start of the sg entry is overflowed because its type is u32 and we pass 4GB in size. This can lead to an infinite loop inside the iterator function because the overflow prevents the counter to be larger than the size of the sg entry.

Fix the presented problem by changing the advancement condition to eliminate overflow.

Backtrace: [ 192.374329] efa_reg_user_mr_dmabuf [ 192.376783] efa_register_mr [ 192.382579] pgsz_bitmap 0xfffff000 rounddown 0x80000000 [ 192.386423] pg_sz [0x80000000] umem_length[0xc0000000] [ 192.392657] start 0x0 length 0xc0000000 params.page_shift 31 params.page_num 3 [ 192.399559] hp_cnt[3], pages_in_hp[524288] [ 192.403690] umem->sgt_append.sgt.nents[1] [ 192.407905] number entries: [1], pg_bit: [31] [ 192.411397] biter->__sg_nents [1] biter->__sg [0000000008b0c5d8] [ 192.415601] biter->__sg_advance [665837568] sg_dma_len[3221225472] [ 192.419823] biter->__sg_nents [1] biter->__sg [0000000008b0c5d8] [ 192.423976] biter->__sg_advance [2813321216] sg_dma_len[3221225472] [ 192.428243] biter->__sg_nents [1] biter->__sg [0000000008b0c5d8] [ 192.432397] biter->__sg_advance [665837568] sg_dma_len[3221225472]

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-53026"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-03-27T17:15:52Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/core: Fix ib block iterator counter overflow\n\nWhen registering a new DMA MR after selecting the best aligned page size\nfor it, we iterate over the given sglist to split each entry to smaller,\naligned to the selected page size, DMA blocks.\n\nIn given circumstances where the sg entry and page size fit certain\nsizes and the sg entry is not aligned to the selected page size, the\ntotal size of the aligned pages we need to cover the sg entry is \u003e= 4GB.\nUnder this circumstances, while iterating page aligned blocks, the\ncounter responsible for counting how much we advanced from the start of\nthe sg entry is overflowed because its type is u32 and we pass 4GB in\nsize. This can lead to an infinite loop inside the iterator function\nbecause the overflow prevents the counter to be larger\nthan the size of the sg entry.\n\nFix the presented problem by changing the advancement condition to\neliminate overflow.\n\nBacktrace:\n[  192.374329] efa_reg_user_mr_dmabuf\n[  192.376783] efa_register_mr\n[  192.382579] pgsz_bitmap 0xfffff000 rounddown 0x80000000\n[  192.386423] pg_sz [0x80000000] umem_length[0xc0000000]\n[  192.392657] start 0x0 length 0xc0000000 params.page_shift 31 params.page_num 3\n[  192.399559] hp_cnt[3], pages_in_hp[524288]\n[  192.403690] umem-\u003esgt_append.sgt.nents[1]\n[  192.407905] number entries: [1], pg_bit: [31]\n[  192.411397] biter-\u003e__sg_nents [1] biter-\u003e__sg [0000000008b0c5d8]\n[  192.415601] biter-\u003e__sg_advance [665837568] sg_dma_len[3221225472]\n[  192.419823] biter-\u003e__sg_nents [1] biter-\u003e__sg [0000000008b0c5d8]\n[  192.423976] biter-\u003e__sg_advance [2813321216] sg_dma_len[3221225472]\n[  192.428243] biter-\u003e__sg_nents [1] biter-\u003e__sg [0000000008b0c5d8]\n[  192.432397] biter-\u003e__sg_advance [665837568] sg_dma_len[3221225472]",
  "id": "GHSA-gr26-qx48-q4hh",
  "modified": "2025-04-15T21:31:30Z",
  "published": "2025-03-27T18:31:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53026"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/0afec5e9cea732cb47014655685a2a47fb180c31"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/362c9489720b31b6aa7491423ba65a4e98aa9838"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/43811d07ea64366af8ec9e168c558ec51440c39e"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/902063a9fea5f8252df392ade746bc9cfd07a5ae"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d66c1d4178c219b6e7d7a6f714e3e3656faccc36"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-GR67-PWCV-76GF

Vulnerability from github – Published: 2025-06-10 19:44 – Updated: 2025-06-10 19:44
VLAI
Summary
GeoServer Infinite Loop Vulnerability in Jiffle process
Details

Summary

Malicious Jiffle scripts can be executed by GeoServer, either as a rendering transformation in WMS dynamic styles or as a WPS process, that can enter an infinite loop to trigger denial of service.

Details

The Jiffle language supports multiple loop constructs that will cause its code block to be continuously executed until a certain condition is met. The Jiffle runtime should be updated to throw an exception if the script exceeds a certain number of loop iterations.

Impact

This vulnerability allows attackers to conduct denial-of-service attacks.

Mitigation

This vulnerability can be mitigated by disabling WMS dynamic styling (see WMS Settings). If the WPS extension is installed, the Jiffle process must also be disabled to mitigate this vulnerability (see WPS Settings)

References

https://github.com/geosolutions-it/jai-ext/pull/307 https://osgeo-org.atlassian.net/browse/GEOS-11778

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 2.26.2"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "org.geoserver.web:gs-web-app"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.26.0"
            },
            {
              "fixed": "2.26.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 2.26.2"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "org.geoserver:gs-wms"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.26.0"
            },
            {
              "fixed": "2.26.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 2.26.2"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "org.geoserver.extension:gs-wps-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.26.0"
            },
            {
              "fixed": "2.26.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 2.25.6"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "org.geoserver.web:gs-web-app"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.25.7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 2.25.6"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "org.geoserver:gs-wms"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.25.7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 2.25.6"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "org.geoserver.extension:gs-wps-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.25.7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-30145"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-06-10T19:44:31Z",
    "nvd_published_at": "2025-06-10T15:15:24Z",
    "severity": "HIGH"
  },
  "details": "### Summary\nMalicious Jiffle scripts can be executed by GeoServer, either as a rendering transformation in WMS dynamic styles or as a WPS process, that can enter an infinite loop to trigger denial of service.\n\n### Details\nThe Jiffle language supports multiple loop constructs that will cause its code block to be continuously executed until a certain condition is met. The Jiffle runtime should be updated to throw an exception if the script exceeds a certain number of loop iterations.\n\n### Impact\nThis vulnerability allows attackers to conduct denial-of-service attacks.\n\n### Mitigation\nThis vulnerability can be mitigated by disabling WMS dynamic styling (see [WMS Settings](https://docs.geoserver.org/latest/en/user/services/wms/webadmin.html#disabling-usage-of-dynamic-styling-in-getmap-getfeatureinfo-and-getlegendgraphic-requests)).\nIf the WPS extension is installed, the Jiffle process must also be disabled to mitigate this vulnerability (see [WPS Settings](https://docs.geoserver.org/latest/en/user/services/wps/security.html#input-limits))\n\n### References\nhttps://github.com/geosolutions-it/jai-ext/pull/307\nhttps://osgeo-org.atlassian.net/browse/GEOS-11778",
  "id": "GHSA-gr67-pwcv-76gf",
  "modified": "2025-06-10T19:44:31Z",
  "published": "2025-06-10T19:44:31Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/geoserver/geoserver/security/advisories/GHSA-gr67-pwcv-76gf"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-30145"
    },
    {
      "type": "WEB",
      "url": "https://github.com/geosolutions-it/jai-ext/pull/307"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/geoserver/geoserver"
    },
    {
      "type": "WEB",
      "url": "https://osgeo-org.atlassian.net/browse/GEOS-11778"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "GeoServer Infinite Loop Vulnerability in Jiffle process"
}

GHSA-GRCX-7J3G-CV8R

Vulnerability from github – Published: 2025-05-20 18:30 – Updated: 2025-11-17 15:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

HID: pidff: Make sure to fetch pool before checking SIMULTANEOUS_MAX

As noted by Anssi some 20 years ago, pool report is sometimes messed up. This worked fine on many devices but casued oops on VRS DirectForce PRO.

Here, we're making sure pool report is refetched before trying to access any of it's fields. While loop was replaced with a for loop + exit conditions were moved aroud to decrease the possibility of creating an infinite loop scenario.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-37942"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-05-20T16:15:32Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: pidff: Make sure to fetch pool before checking SIMULTANEOUS_MAX\n\nAs noted by Anssi some 20 years ago, pool report is sometimes messed up.\nThis worked fine on many devices but casued oops on VRS DirectForce PRO.\n\nHere, we\u0027re making sure pool report is refetched before trying to access\nany of it\u0027s fields. While loop was replaced with a for loop + exit\nconditions were moved aroud to decrease the possibility of creating an\ninfinite loop scenario.",
  "id": "GHSA-grcx-7j3g-cv8r",
  "modified": "2025-11-17T15:30:32Z",
  "published": "2025-05-20T18:30:55Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-37942"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/1f650dcec32d22deb1d6db12300a2b98483099a9"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/211861869766a7bb7c72158aee0140ec67e182a7"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/344d903be8b5c0733ed0f4bc5be34b4a26d905c8"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/a6f5d30a5c7713238c5c65c98ad95dacb73688d5"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-GVR6-VW53-XH39

Vulnerability from github – Published: 2022-05-13 01:47 – Updated: 2025-04-20 03:38
VLAI
Details

In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bazaar dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-bzr.c by ensuring that backwards parsing cannot occur.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-9352"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-06-02T05:29:00Z",
    "severity": "HIGH"
  },
  "details": "In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bazaar dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-bzr.c by ensuring that backwards parsing cannot occur.",
  "id": "GHSA-gvr6-vw53-xh39",
  "modified": "2025-04-20T03:38:24Z",
  "published": "2022-05-13T01:47:56Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9352"
    },
    {
      "type": "WEB",
      "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13599"
    },
    {
      "type": "WEB",
      "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=8c5e0cee278ff0678b0ebf4b9c2a614974b4029a"
    },
    {
      "type": "WEB",
      "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=8c5e0cee278ff0678b0ebf4b9c2a614974b4029a"
    },
    {
      "type": "WEB",
      "url": "https://www.wireshark.org/security/wnpa-sec-2017-22.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/98804"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1038612"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-GW5J-77F9-V2G2

Vulnerability from github – Published: 2022-05-13 01:09 – Updated: 2024-05-15 06:57
VLAI
Summary
Loop with Unreachable Exit Condition in Apache CXF
Details

The SamlHeaderInHandler in Apache CXF before 2.6.11, 2.7.x before 2.7.8, and 3.0.x before 3.0.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted SAML token in the authorization header of a request to a JAX-RS service.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.cxf:cxf-rt-frontend-jaxrs"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.5.0"
            },
            {
              "fixed": "2.6.11"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.cxf:cxf-rt-frontend-jaxrs"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.7.0"
            },
            {
              "fixed": "2.7.8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.cxf:cxf-rt-frontend-jaxrs"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "3.0.0"
            },
            {
              "fixed": "3.0.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2014-3584"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-07-07T22:39:10Z",
    "nvd_published_at": "2014-10-30T14:55:00Z",
    "severity": "MODERATE"
  },
  "details": "The SamlHeaderInHandler in Apache CXF before 2.6.11, 2.7.x before 2.7.8, and 3.0.x before 3.0.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted SAML token in the authorization header of a request to a JAX-RS service.",
  "id": "GHSA-gw5j-77f9-v2g2",
  "modified": "2024-05-15T06:57:54Z",
  "published": "2022-05-13T01:09:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3584"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/cxf/commit/0b3894f57388b9955f2c33b2295223f2835cd7b3"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/cxf/commit/47b127dbdb4a10d282be92f2ebbe646f8cf6b03e"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97753"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/cxf"
    },
    {
      "type": "WEB",
      "url": "https://issues.apache.org/jira/browse/CXF-5390"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf@%3Ccommits.cxf.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c@%3Ccommits.cxf.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4@%3Ccommits.cxf.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e@%3Ccommits.cxf.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "http://cxf.apache.org/security-advisories.data/CVE-2014-3584.txt.asc"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/oss-sec/2014/q4/437"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [],
  "summary": "Loop with Unreachable Exit Condition in Apache CXF"
}

GHSA-GWR3-X37H-H84V

Vulnerability from github – Published: 2026-02-24 15:46 – Updated: 2026-02-24 15:46
VLAI
Summary
ImageMagick has a possible infinite loop in its JPEG encoder when using `jpeg:extent`
Details

A continue statement in the JPEG extent binary search loop in the jpeg encoder causes an infinite loop when writing persistently fails. An attacker can trigger a 100% CPU consumption and process hang (Denial of Service) with a crafted image.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "NuGet",
        "name": "Magick.NET-Q16-AnyCPU"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "14.10.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "NuGet",
        "name": "Magick.NET-Q16-HDRI-AnyCPU"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "14.10.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "NuGet",
        "name": "Magick.NET-Q16-HDRI-OpenMP-arm64"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "14.10.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "NuGet",
        "name": "Magick.NET-Q16-HDRI-OpenMP-x64"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "14.10.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "NuGet",
        "name": "Magick.NET-Q16-HDRI-arm64"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "14.10.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "NuGet",
        "name": "Magick.NET-Q16-HDRI-x64"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "14.10.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "NuGet",
        "name": "Magick.NET-Q16-HDRI-x86"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "14.10.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "NuGet",
        "name": "Magick.NET-Q16-OpenMP-arm64"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "14.10.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "NuGet",
        "name": "Magick.NET-Q16-OpenMP-x64"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "14.10.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "NuGet",
        "name": "Magick.NET-Q16-OpenMP-x86"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "14.10.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "NuGet",
        "name": "Magick.NET-Q16-arm64"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "14.10.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "NuGet",
        "name": "Magick.NET-Q16-x64"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "14.10.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "NuGet",
        "name": "Magick.NET-Q16-x86"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "14.10.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "NuGet",
        "name": "Magick.NET-Q8-AnyCPU"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "14.10.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "NuGet",
        "name": "Magick.NET-Q8-OpenMP-arm64"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "14.10.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "NuGet",
        "name": "Magick.NET-Q8-OpenMP-x64"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "14.10.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "NuGet",
        "name": "Magick.NET-Q8-arm64"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "14.10.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "NuGet",
        "name": "Magick.NET-Q8-x64"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "14.10.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "NuGet",
        "name": "Magick.NET-Q8-x86"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "14.10.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-26283"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-02-24T15:46:25Z",
    "nvd_published_at": "2026-02-24T03:16:01Z",
    "severity": "MODERATE"
  },
  "details": "A `continue` statement in the JPEG extent binary search loop in the jpeg encoder causes an infinite loop when writing persistently fails. An attacker can trigger a 100% CPU consumption and process hang (Denial of Service) with a crafted image.",
  "id": "GHSA-gwr3-x37h-h84v",
  "modified": "2026-02-24T15:46:25Z",
  "published": "2026-02-24T15:46:25Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-gwr3-x37h-h84v"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26283"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ImageMagick/ImageMagick/commit/c448c6920a985872072fc7be6034f678c087de9b"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/ImageMagick/ImageMagick"
    },
    {
      "type": "WEB",
      "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "ImageMagick has a possible infinite loop in its JPEG encoder when using `jpeg:extent`"
}

GHSA-GWVC-G4VV-PJX6

Vulnerability from github – Published: 2023-11-06 12:30 – Updated: 2023-11-06 12:30
VLAI
Details

An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.2 before 16.3.6, all versions starting from 16.4 before 16.4.2, all versions starting from 16.5 before 16.5.1. A low-privileged attacker can point a CI/CD Component to an incorrect path and cause the server to exhaust all available memory through an infinite loop and cause Denial of Service.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-5825"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-400",
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-11-06T11:15:09Z",
    "severity": "MODERATE"
  },
  "details": "An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.2 before 16.3.6, all versions starting from 16.4 before 16.4.2, all versions starting from 16.5 before 16.5.1. A low-privileged attacker can point a CI/CD Component to an incorrect path and cause the server to exhaust all available memory through an infinite loop and cause Denial of Service.",
  "id": "GHSA-gwvc-g4vv-pjx6",
  "modified": "2023-11-06T12:30:24Z",
  "published": "2023-11-06T12:30:24Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5825"
    },
    {
      "type": "WEB",
      "url": "https://hackerone.com/reports/2218566"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/428984"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-GXGJ-XJCW-FV9P

Vulnerability from github – Published: 2022-12-28 00:30 – Updated: 2023-01-09 21:48
VLAI
Summary
socks Infinite Loop vulnerability
Details

The RemoteAddr and LocalAddr methods on the returned net.Conn may call themselves, leading to an infinite loop which will crash the program due to a stack overflow.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/btcsuite/go-socks"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.0.0-20130808000456-233bccbb1abe"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/btcsuitereleases/go-socks"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.0.0-20130808000456-233bccbb1abe"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2013-10005"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-01-09T21:48:38Z",
    "nvd_published_at": "2022-12-27T22:15:00Z",
    "severity": "HIGH"
  },
  "details": "The `RemoteAddr` and `LocalAddr` methods on the returned `net.Conn` may call themselves, leading to an infinite loop which will crash the program due to a stack overflow.",
  "id": "GHSA-gxgj-xjcw-fv9p",
  "modified": "2023-01-09T21:48:38Z",
  "published": "2022-12-28T00:30:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-10005"
    },
    {
      "type": "WEB",
      "url": "https://github.com/btcsuite/go-socks/commit/233bccbb1abe02f05750f7ace66f5bffdb13defc"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/btcsuite/go-socks"
    },
    {
      "type": "WEB",
      "url": "https://pkg.go.dev/vuln/GO-2020-0024"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "socks Infinite Loop vulnerability"
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.