CWE-674
Uncontrolled Recursion
The product does not properly control the amount of recursion that takes place, consuming excessive resources, such as allocated memory or the program stack.
CVE-2025-33096 (GCVE-0-2025-33096)
Vulnerability from cvelistv5 – Published: 2025-10-12 13:31 – Updated: 2025-10-14 15:26
VLAI
Title
IBM Engineering Requirements Management Doors Next denial of service
Summary
IBM Engineering Requirements Management Doors Next 7.0.2, 7.0.3, and 7.1 could allow an authenticated user to cause a denial of service by uploading specially crafted files using uncontrolled recursion.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-674 - Uncontrolled Recursion
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.ibm.com/support/pages/node/7247716 | vendor-advisorypatch |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| IBM | Engineering Requirements Management Doors Next |
Affected:
7.0.2
Affected: 7.0.3 Affected: 7.1 cpe:2.3:a:ibm:engineering_requirements_management_doors_next:7.0.2:*:*:*:*:*:*:* cpe:2.3:a:ibm:engineering_requirements_management_doors_next:7.0.3:*:*:*:*:*:*:* cpe:2.3:a:ibm:engineering_requirements_management_doors_next:7.1:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-33096",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-14T15:25:52.689448Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T15:26:02.178Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ibm:engineering_requirements_management_doors_next:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:engineering_requirements_management_doors_next:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:engineering_requirements_management_doors_next:7.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Engineering Requirements Management Doors Next",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.0.2"
},
{
"status": "affected",
"version": "7.0.3"
},
{
"status": "affected",
"version": "7.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "IBM Engineering Requirements Management Doors Next 7.0.2, 7.0.3, and 7.1 could allow an authenticated user to cause a denial of service by uploading specially crafted files using uncontrolled recursion."
}
],
"value": "IBM Engineering Requirements Management Doors Next 7.0.2, 7.0.3, and 7.1 could allow an authenticated user to cause a denial of service by uploading specially crafted files using uncontrolled recursion."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-674",
"description": "CWE-674 Uncontrolled Recursion",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-12T13:33:41.404Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://www.ibm.com/support/pages/node/7247716"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "For IBM Engineering Requirements Management DOORS Next 7.0.2, install ifix 36.\u003cbr\u003e\u003cbr\u003eFor IBM Engineering Requirements Management DOORS Next 7.0.3, install ifix 19 or newer.\u003cbr\u003e\u003cbr\u003eFor IBM Engineering Requirements Management DOORS Next 7.1.0, install ifix 05 or newer.\u003cbr\u003e"
}
],
"value": "For IBM Engineering Requirements Management DOORS Next 7.0.2, install ifix 36.\n\nFor IBM Engineering Requirements Management DOORS Next 7.0.3, install ifix 19 or newer.\n\nFor IBM Engineering Requirements Management DOORS Next 7.1.0, install ifix 05 or newer."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IBM Engineering Requirements Management Doors Next denial of service",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2025-33096",
"datePublished": "2025-10-12T13:31:04.723Z",
"dateReserved": "2025-04-15T17:50:40.773Z",
"dateUpdated": "2025-10-14T15:26:02.178Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-36001 (GCVE-0-2025-36001)
Vulnerability from cvelistv5 – Published: 2026-01-30 21:28 – Updated: 2026-02-02 16:30
VLAI
Title
IBM Db2 Denial of Service
Summary
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 could allow an authenticated user to cause a denial of service using a specially crafted SQL statement including XML that performs uncontrolled recursion.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-674 - Uncontrolled Recursion
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.ibm.com/support/pages/node/7257616 | vendor-advisorypatch |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| IBM | Db2 for Linux, UNIX and Windows |
Affected:
11.5.0 , ≤ 11.5.9
(semver)
Affected: 12.1.0 , ≤ 12.1.3 (semver) cpe:2.3:a:ibm:db2:11.5.0:*:*:*:*:linux:*:* cpe:2.3:a:ibm:db2:11.5.0:*:*:*:*:unix:*:* cpe:2.3:a:ibm:db2:11.5.0:*:*:*:*:aix:*:* cpe:2.3:a:ibm:db2:11.5.0:*:*:*:*:windows:*:* cpe:2.3:a:ibm:db2:11.5.0:*:*:*:*:zos:*:* cpe:2.3:a:ibm:db2:11.5.9:*:*:*:*:linux:*:* cpe:2.3:a:ibm:db2:11.5.9:*:*:*:*:unix:*:* cpe:2.3:a:ibm:db2:11.5.9:*:*:*:*:aix:*:* cpe:2.3:a:ibm:db2:11.5.9:*:*:*:*:windows:*:* cpe:2.3:a:ibm:db2:11.5.9:*:*:*:*:zos:*:* cpe:2.3:a:ibm:db2:12.1.0:*:*:*:*:linux:*:* cpe:2.3:a:ibm:db2:12.1.0:*:*:*:*:unix:*:* cpe:2.3:a:ibm:db2:12.1.0:*:*:*:*:aix:*:* cpe:2.3:a:ibm:db2:12.1.0:*:*:*:*:windows:*:* cpe:2.3:a:ibm:db2:12.1.0:*:*:*:*:zos:*:* cpe:2.3:a:ibm:db2:12.1.3:*:*:*:*:linux:*:* cpe:2.3:a:ibm:db2:12.1.3:*:*:*:*:unix:*:* cpe:2.3:a:ibm:db2:12.1.3:*:*:*:*:aix:*:* cpe:2.3:a:ibm:db2:12.1.3:*:*:*:*:windows:*:* cpe:2.3:a:ibm:db2:12.1.3:*:*:*:*:zos:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-36001",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-02T16:25:18.651804Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-02T16:30:00.657Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ibm:db2:11.5.0:*:*:*:*:linux:*:*",
"cpe:2.3:a:ibm:db2:11.5.0:*:*:*:*:unix:*:*",
"cpe:2.3:a:ibm:db2:11.5.0:*:*:*:*:aix:*:*",
"cpe:2.3:a:ibm:db2:11.5.0:*:*:*:*:windows:*:*",
"cpe:2.3:a:ibm:db2:11.5.0:*:*:*:*:zos:*:*",
"cpe:2.3:a:ibm:db2:11.5.9:*:*:*:*:linux:*:*",
"cpe:2.3:a:ibm:db2:11.5.9:*:*:*:*:unix:*:*",
"cpe:2.3:a:ibm:db2:11.5.9:*:*:*:*:aix:*:*",
"cpe:2.3:a:ibm:db2:11.5.9:*:*:*:*:windows:*:*",
"cpe:2.3:a:ibm:db2:11.5.9:*:*:*:*:zos:*:*",
"cpe:2.3:a:ibm:db2:12.1.0:*:*:*:*:linux:*:*",
"cpe:2.3:a:ibm:db2:12.1.0:*:*:*:*:unix:*:*",
"cpe:2.3:a:ibm:db2:12.1.0:*:*:*:*:aix:*:*",
"cpe:2.3:a:ibm:db2:12.1.0:*:*:*:*:windows:*:*",
"cpe:2.3:a:ibm:db2:12.1.0:*:*:*:*:zos:*:*",
"cpe:2.3:a:ibm:db2:12.1.3:*:*:*:*:linux:*:*",
"cpe:2.3:a:ibm:db2:12.1.3:*:*:*:*:unix:*:*",
"cpe:2.3:a:ibm:db2:12.1.3:*:*:*:*:aix:*:*",
"cpe:2.3:a:ibm:db2:12.1.3:*:*:*:*:windows:*:*",
"cpe:2.3:a:ibm:db2:12.1.3:*:*:*:*:zos:*:*"
],
"defaultStatus": "unaffected",
"product": "Db2 for Linux, UNIX and Windows",
"vendor": "IBM",
"versions": [
{
"lessThanOrEqual": "11.5.9",
"status": "affected",
"version": "11.5.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "12.1.3",
"status": "affected",
"version": "12.1.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 could allow an authenticated user to cause a denial of service using a specially crafted SQL statement including XML that performs uncontrolled recursion.\u003c/p\u003e\u003cbr\u003e"
}
],
"value": "IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 could allow an authenticated user to cause a denial of service using a specially crafted SQL statement including XML that performs uncontrolled recursion."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-674",
"description": "CWE-674 Uncontrolled Recursion",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-30T21:41:52.607Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://www.ibm.com/support/pages/node/7257616"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eCustomers running any vulnerable modpack level of an affected Program, V11.5, and V12.1, can download the special build containing the interim fix for this issue from Fix Central. These special builds are available based on the most recent level for each impacted release: V11.5.9, and V12.1.2. They can be applied to any affected level of the appropriate release to remediate this vulnerability.\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cdiv\u003e\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cstrong\u003eRelease\u003c/strong\u003e\u003c/td\u003e\u003ctd\u003e\u003cstrong\u003eFixed in mod pack\u003c/strong\u003e\u003c/td\u003e\u003ctd\u003e\u003cstrong\u003eAPAR\u003c/strong\u003e\u003c/td\u003e\u003ctd\u003e\u003cstrong\u003eDownload URL\u003c/strong\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eV11.5\u003c/td\u003e\u003ctd\u003eTBD\u003c/td\u003e\u003ctd\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/mysupport/s/defect/aCIKe000000g3q4/dt435792\"\u003eDT435792\u003c/a\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eSpecial Build #66394 or later for V11.5.9 available at this link:\u003cbr\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/support/pages/node/7087189\"\u003ehttps://www.ibm.com/support/pages/node/7087189\u003c/a\u003e\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003eV12.1\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003ev12.1.3\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/mysupport/s/defect/aCIKe000000g3q4/dt435792\"\u003eDT435792\u003c/a\u003e\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eSpecial Build #72296 or later for V12.1.2 available at this link:\u003c/p\u003e\u003cp\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/support/pages/db2-v1212-published-cumulative-special-build-downloads\"\u003ehttps://www.ibm.com/support/pages/db2-v1212-published-cumulative-special-build-downloads\u003c/a\u003e\u003cbr\u003e\u003cbr\u003e\u003cbr\u003e12.1.3 Latest\u003cbr\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/support/pages/db2-v1213-published-cumulative-special-build-downloads\"\u003ehttps://www.ibm.com/support/pages/db2-v1213-published-cumulative-special-build-downloads\u003c/a\u003e\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003c/div\u003e\u003cbr\u003e"
}
],
"value": "Customers running any vulnerable modpack level of an affected Program, V11.5, and V12.1, can download the special build containing the interim fix for this issue from Fix Central. These special builds are available based on the most recent level for each impacted release: V11.5.9, and V12.1.2. They can be applied to any affected level of the appropriate release to remediate this vulnerability.\n\n\u00a0\n\nReleaseFixed in mod packAPARDownload URLV11.5TBD https://www.ibm.com/support/pages/node/7087189 \n\nV12.1\n\n\u00a0\n\nv12.1.3\n\n\u00a0\n\n https://www.ibm.com/support/pages/db2-v1212-published-cumulative-special-build-downloads \n\n\n12.1.3 Latest\n https://www.ibm.com/support/pages/db2-v1213-published-cumulative-special-build-downloads"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IBM Db2 Denial of Service",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2025-36001",
"datePublished": "2026-01-30T21:28:15.037Z",
"dateReserved": "2025-04-15T21:16:05.532Z",
"dateUpdated": "2026-02-02T16:30:00.657Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-36158 (GCVE-0-2025-36158)
Vulnerability from cvelistv5 – Published: 2025-11-20 21:19 – Updated: 2025-11-20 21:36
VLAI
Title
IBM Concert Information Disclosure
Summary
IBM Concert 1.0.0 through 2.0.0 could allow a local user with specific permission to obtain sensitive information from files due to uncontrolled recursive directory copying.
Severity
5.1 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-674 - Uncontrolled Recursion
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.ibm.com/support/pages/node/7252019 | vendor-advisorypatch |
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-36158",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-20T21:35:54.418311Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-20T21:36:03.920Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ibm:concert:1.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:concert:2.0.0:*:*:*:*:*:*:*"
],
"product": "Concert",
"vendor": "IBM",
"versions": [
{
"lessThanOrEqual": "2.0.0",
"status": "affected",
"version": "1.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIBM Concert 1.0.0 through 2.0.0 could allow a local user with specific permission to obtain sensitive information from files due to uncontrolled recursive directory copying.\u003c/p\u003e"
}
],
"value": "IBM Concert 1.0.0 through 2.0.0 could allow a local user with specific permission to obtain sensitive information from files due to uncontrolled recursive directory copying."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-674",
"description": "CWE-674 Uncontrolled Recursion",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-20T21:19:26.619Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://www.ibm.com/support/pages/node/7252019"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eRemediation/Fixes IBM strongly recommends addressing the vulnerabilities now by upgrading to IBM Concert Software 2.1.0 Download IBM Concert Software 2.1.0 from Container software library section of IBM Entitled Registry ( ICR ) and follow installation instructions depending on the type of deployment.\u003c/p\u003e"
}
],
"value": "Remediation/Fixes IBM strongly recommends addressing the vulnerabilities now by upgrading to IBM Concert Software 2.1.0 Download IBM Concert Software 2.1.0 from Container software library section of IBM Entitled Registry ( ICR ) and follow installation instructions depending on the type of deployment."
}
],
"title": "IBM Concert Information Disclosure",
"x_generator": {
"engine": "ibm-cvegen"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2025-36158",
"datePublished": "2025-11-20T21:19:26.619Z",
"dateReserved": "2025-04-15T21:16:20.814Z",
"dateUpdated": "2025-11-20T21:36:03.920Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-43708 (GCVE-0-2025-43708)
Vulnerability from cvelistv5 – Published: 2025-04-17 00:00 – Updated: 2025-04-17 19:22
VLAI
Summary
VisiCut 2.1 allows stack consumption via an XML document with nested set elements, as demonstrated by a java.util.HashMap StackOverflowError when reference='../../../set/set[2]' is used, aka an "insecure deserialization" issue.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-674 - Uncontrolled Recursion
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-43708",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-17T19:22:34.982107Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-17T19:22:56.942Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "VisiCut",
"vendor": "VisiCut",
"versions": [
{
"lessThanOrEqual": "2.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VisiCut 2.1 allows stack consumption via an XML document with nested set elements, as demonstrated by a java.util.HashMap StackOverflowError when reference=\u0027../../../set/set[2]\u0027 is used, aka an \"insecure deserialization\" issue."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-674",
"description": "CWE-674 Uncontrolled Recursion",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-17T00:25:39.027Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/Gelcon/PoC-of-VisiCut2_1-Stack-Overflow-Vul"
},
{
"url": "https://github.com/t-oster/VisiCut"
},
{
"url": "https://visicut.org"
}
],
"x_generator": {
"engine": "enrichogram 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-43708",
"datePublished": "2025-04-17T00:00:00.000Z",
"dateReserved": "2025-04-17T00:00:00.000Z",
"dateUpdated": "2025-04-17T19:22:56.942Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-43718 (GCVE-0-2025-43718)
Vulnerability from cvelistv5 – Published: 2025-10-01 00:00 – Updated: 2025-10-06 17:41
VLAI
Summary
Poppler 24.06.1 through 25.x before 25.04.0 allows stack consumption and a SIGSEGV via deeply nested structures within the metadata (such as GTS_PDFEVersion) of a PDF document, e.g., a regular expression for a long pdfsubver string. This occurs in Dict::lookup, Catalog::getMetadata, and associated functions in PDFDoc, with deep recursion in the regex executor (std::__detail::_Executor).
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-674 - Uncontrolled Recursion
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| freedesktop | Poppler |
Affected:
24.06.1 , < 25.04.0
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-43718",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-01T19:15:35.569243Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-06T17:41:43.699Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Poppler",
"vendor": "freedesktop",
"versions": [
{
"lessThan": "25.04.0",
"status": "affected",
"version": "24.06.1",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*",
"versionEndExcluding": "25.04.0",
"versionStartIncluding": "24.06.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Poppler 24.06.1 through 25.x before 25.04.0 allows stack consumption and a SIGSEGV via deeply nested structures within the metadata (such as GTS_PDFEVersion) of a PDF document, e.g., a regular expression for a long pdfsubver string. This occurs in Dict::lookup, Catalog::getMetadata, and associated functions in PDFDoc, with deep recursion in the regex executor (std::__detail::_Executor)."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 2.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-674",
"description": "CWE-674 Uncontrolled Recursion",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-03T16:33:09.311Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://gitlab.freedesktop.org/poppler/poppler/-/commit/f54b815672117c250420787c8c006de98e8c7408"
},
{
"url": "https://github.com/ShadowByte1/CVE-Reports/blob/main/CVE-2025-43718.md"
}
],
"x_generator": {
"engine": "enrichogram 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-43718",
"datePublished": "2025-10-01T00:00:00.000Z",
"dateReserved": "2025-04-17T00:00:00.000Z",
"dateUpdated": "2025-10-06T17:41:43.699Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-4565 (GCVE-0-2025-4565)
Vulnerability from cvelistv5 – Published: 2025-06-16 14:50 – Updated: 2025-06-16 15:39
VLAI
Title
Unbounded recursion in Python Protobuf
Summary
Any project that uses Protobuf Pure-Python backend to parse untrusted Protocol Buffers data containing an arbitrary number of recursive groups, recursive messages or a series of SGROUP tags can be corrupted by exceeding the Python recursion limit. This can result in a Denial of service by crashing the application with a RecursionError. We recommend upgrading to version =>6.31.1 or beyond commit 17838beda2943d08b8a9d4df5b68f5f04f26d901
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-674 - Uncontrolled Recursion
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| protocolbuffers | Python-Protobuf |
Affected:
0 , < 4.25.8
(semver)
Affected: 0 , < 5.29.5 (semver) Affected: 0 , < 6.31.1 (semver) |
Date Public
2025-05-12 22:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-4565",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-16T15:38:57.654894Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-16T15:39:18.263Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://github.com/protocolbuffers/protobuf/",
"defaultStatus": "unaffected",
"packageName": "protobuf",
"product": "Python-Protobuf",
"programFiles": [
"python/google/protobuf/internal/decoder.py"
],
"repo": "https://github.com/protocolbuffers/protobuf/",
"vendor": "protocolbuffers",
"versions": [
{
"lessThan": "4.25.8",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "5.29.5",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "6.31.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"collectionURL": "https://pypi.org/project/protobuf/",
"defaultStatus": "unaffected",
"product": "Python-Protobuf",
"repo": "https://pypi.org/project/protobuf/",
"vendor": "protocolbuffers",
"versions": [
{
"lessThan": "4.25.8",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "5.29.5",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "6.31.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Alexis Challande - Trail of Bits Ecosystem Security Team"
}
],
"datePublic": "2025-05-12T22:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAny project that uses \u003c/span\u003e\u003cstrong\u003eProtobuf Pure-Python backend\u003c/strong\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;to parse untrusted Protocol Buffers data containing an arbitrary number of recursive \u003c/span\u003e\u003ccode\u003egroup\u003c/code\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003es, recursive \u003c/span\u003e\u003ccode\u003emessage\u003c/code\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003es or a series of \u003c/span\u003e\u003ccode\u003eSGROUP\u003c/code\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;tags can be corrupted by exceeding the Python recursion limit. This can result in a Denial of service by crashing the application with a RecursionError. We recommend upgrading to version =\u0026gt;6.31.1 or beyond commit\u0026nbsp;17838beda2943d08b8a9d4df5b68f5f04f26d901\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Any project that uses Protobuf Pure-Python backend\u00a0to parse untrusted Protocol Buffers data containing an arbitrary number of recursive groups, recursive messages or a series of SGROUP\u00a0tags can be corrupted by exceeding the Python recursion limit. This can result in a Denial of service by crashing the application with a RecursionError. We recommend upgrading to version =\u003e6.31.1 or beyond commit\u00a017838beda2943d08b8a9d4df5b68f5f04f26d901"
}
],
"impacts": [
{
"capecId": "CAPEC-130",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-130 Excessive Allocation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-674",
"description": "CWE-674 Uncontrolled Recursion",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-16T14:50:40.906Z",
"orgId": "14ed7db2-1595-443d-9d34-6215bf890778",
"shortName": "Google"
},
"references": [
{
"url": "https://github.com/protocolbuffers/protobuf/commit/17838beda2943d08b8a9d4df5b68f5f04f26d901"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Unbounded recursion in Python Protobuf",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "14ed7db2-1595-443d-9d34-6215bf890778",
"assignerShortName": "Google",
"cveId": "CVE-2025-4565",
"datePublished": "2025-06-16T14:50:40.906Z",
"dateReserved": "2025-05-12T05:48:12.941Z",
"dateUpdated": "2025-06-16T15:39:18.263Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-48924 (GCVE-0-2025-48924)
Vulnerability from cvelistv5 – Published: 2025-07-11 14:56 – Updated: 2025-11-04 22:06
VLAI
Title
Apache Commons Lang, Apache Commons Lang: ClassUtils.getClass(...) can throw a StackOverflowError on very long inputs
Summary
Uncontrolled Recursion vulnerability in Apache Commons Lang.
This issue affects Apache Commons Lang: Starting with commons-lang:commons-lang 2.0 to 2.6, and, from org.apache.commons:commons-lang3 3.0 before 3.18.0.
The methods ClassUtils.getClass(...) can throw StackOverflowError on very long inputs. Because an Error is usually not handled by applications and libraries, a
StackOverflowError could cause an application to stop.
Users are recommended to upgrade to version 3.18.0, which fixes the issue.
Severity
5.3 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-674 - Uncontrolled Recursion
Assigner
References
6 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache Commons Lang |
Affected:
2.0 , ≤ 2.6
(maven)
|
|
| Apache Software Foundation | Apache Commons Lang |
Affected:
3.0 , < 3.18.0
(maven)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-48924",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-14T16:36:59.432024Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-14T16:37:02.057Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T22:06:40.023Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/09/msg00032.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/08/msg00026.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/08/msg00000.html"
},
{
"url": "http://www.openwall.com/lists/oss-security/2025/07/11/1"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/09/msg00036.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://repo.maven.apache.org/maven2",
"defaultStatus": "unknown",
"packageName": "commons-lang:commons-lang",
"product": "Apache Commons Lang",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "2.6",
"status": "affected",
"version": "2.0",
"versionType": "maven"
}
]
},
{
"collectionURL": "https://repo.maven.apache.org/maven2",
"defaultStatus": "unaffected",
"packageName": "org.apache.commons:commons-lang3",
"product": "Apache Commons Lang",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "3.18.0",
"status": "affected",
"version": "3.0",
"versionType": "maven"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "OSS-Fuzz Issue 42522972"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eUncontrolled Recursion vulnerability in Apache Commons Lang.\u003c/p\u003e\u003cp\u003eThis issue affects Apache Commons Lang: Starting with\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ecommons-lang:commons-lang\u0026nbsp;\u003c/span\u003e2.0 to 2.6, and, from org.apache.\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ecommons:commons-lang3 3.0 before\u0026nbsp;\u003c/span\u003e3.18.0.\u003c/p\u003e\u003cp\u003eThe methods ClassUtils.getClass(...) can throw\u0026nbsp;StackOverflowError on very long inputs. Because an Error is usually not handled by applications and libraries, a \nStackOverflowError could\u0026nbsp;cause an application to stop.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 3.18.0, which fixes the issue.\u003c/p\u003e"
}
],
"value": "Uncontrolled Recursion vulnerability in Apache Commons Lang.\n\nThis issue affects Apache Commons Lang: Starting with\u00a0commons-lang:commons-lang\u00a02.0 to 2.6, and, from org.apache.commons:commons-lang3 3.0 before\u00a03.18.0.\n\nThe methods ClassUtils.getClass(...) can throw\u00a0StackOverflowError on very long inputs. Because an Error is usually not handled by applications and libraries, a \nStackOverflowError could\u00a0cause an application to stop.\n\nUsers are recommended to upgrade to version 3.18.0, which fixes the issue."
}
],
"metrics": [
{
"other": {
"content": {
"text": "low"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-674",
"description": "CWE-674 Uncontrolled Recursion",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-11T14:56:58.049Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/bgv0lpswokgol11tloxnjfzdl7yrc1g1"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Apache Commons Lang, Apache Commons Lang: ClassUtils.getClass(...) can throw a StackOverflowError on very long inputs",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2025-48924",
"datePublished": "2025-07-11T14:56:58.049Z",
"dateReserved": "2025-05-28T15:06:51.476Z",
"dateUpdated": "2025-11-04T22:06:40.023Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-5302 (GCVE-0-2025-5302)
Vulnerability from cvelistv5 – Published: 2025-08-25 15:03 – Updated: 2025-08-25 15:41
VLAI
Title
Denial of Service (DOS) in JSONReader in run-llama/llama_index
Summary
A denial of service vulnerability exists in the JSONReader component of the run-llama/llama_index repository, specifically in version v0.12.37. The vulnerability is caused by uncontrolled recursion when parsing deeply nested JSON files, which can lead to Python hitting its maximum recursion depth limit. This results in high resource consumption and potential crashes of the Python process. The issue is resolved in version 0.12.38.
Severity
8.6 (High)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-674 - Uncontrolled Recursion
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| run-llama | run-llama/llama_index |
Affected:
unspecified , < 0.12.38
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-5302",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-25T15:40:17.719250Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-25T15:41:08.676Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "run-llama/llama_index",
"vendor": "run-llama",
"versions": [
{
"lessThan": "0.12.38",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A denial of service vulnerability exists in the JSONReader component of the run-llama/llama_index repository, specifically in version v0.12.37. The vulnerability is caused by uncontrolled recursion when parsing deeply nested JSON files, which can lead to Python hitting its maximum recursion depth limit. This results in high resource consumption and potential crashes of the Python process. The issue is resolved in version 0.12.38."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-674",
"description": "CWE-674 Uncontrolled Recursion",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-25T15:03:18.097Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntr_ai"
},
"references": [
{
"url": "https://huntr.com/bounties/70041b81-de9e-4046-8c0e-6ccd557048a6"
},
{
"url": "https://github.com/run-llama/llama_index/commit/c032843a02ce38fd8f284b2aa5a37fd1c17ae635"
}
],
"source": {
"advisory": "70041b81-de9e-4046-8c0e-6ccd557048a6",
"discovery": "EXTERNAL"
},
"title": "Denial of Service (DOS) in JSONReader in run-llama/llama_index"
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntr_ai",
"cveId": "CVE-2025-5302",
"datePublished": "2025-08-25T15:03:18.097Z",
"dateReserved": "2025-05-28T10:16:07.938Z",
"dateUpdated": "2025-08-25T15:41:08.676Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-53605 (GCVE-0-2025-53605)
Vulnerability from cvelistv5 – Published: 2025-07-05 00:00 – Updated: 2025-07-08 14:35
VLAI
Summary
The protobuf crate before 3.7.2 for Rust allows uncontrolled recursion in the protobuf::coded_input_stream::CodedInputStream::skip_group parsing of unknown fields in untrusted input.
Severity
5.9 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-674 - Uncontrolled Recursion
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| stepancheg | protobuf |
Affected:
0 , < 3.7.2
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-53605",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-08T13:10:30.648808Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-08T14:35:48.796Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "protobuf",
"vendor": "stepancheg",
"versions": [
{
"lessThan": "3.7.2",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The protobuf crate before 3.7.2 for Rust allows uncontrolled recursion in the protobuf::coded_input_stream::CodedInputStream::skip_group parsing of unknown fields in untrusted input."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-674",
"description": "CWE-674 Uncontrolled Recursion",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-05T00:53:48.153Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/stepancheg/rust-protobuf/issues/749"
},
{
"url": "https://rustsec.org/advisories/RUSTSEC-2024-0437"
},
{
"url": "https://crates.io/crates/protobuf"
}
],
"x_generator": {
"engine": "enrichogram 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-53605",
"datePublished": "2025-07-05T00:00:00.000Z",
"dateReserved": "2025-07-05T00:00:00.000Z",
"dateUpdated": "2025-07-08T14:35:48.796Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-53864 (GCVE-0-2025-53864)
Vulnerability from cvelistv5 – Published: 2025-07-11 00:00 – Updated: 2025-09-23 18:38
VLAI
Summary
Connect2id Nimbus JOSE + JWT 10.0.x before 10.0.2 and 9.37.x before 9.37.4 allows a remote attacker to cause a denial of service via a deeply nested JSON object supplied in a JWT claim set, because of uncontrolled recursion. NOTE: this is independent of the Gson 2.11.0 issue because the Connect2id product could have checked the JSON object nesting depth, regardless of what limits (if any) were imposed by Gson.
Severity
5.8 (Medium)
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-674 - Uncontrolled Recursion
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Connect2id | Nimbus JOSE+JWT |
Affected:
0 , < 10.0.2
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-53864",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-11T13:28:35.322634Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-11T13:28:38.382Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://bitbucket.org/connect2id/nimbus-jose-jwt/issues/583/stackoverflowerror-due-to-deeply-nested"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Nimbus JOSE+JWT",
"vendor": "Connect2id",
"versions": [
{
"lessThan": "10.0.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Connect2id Nimbus JOSE + JWT 10.0.x before 10.0.2 and 9.37.x before 9.37.4 allows a remote attacker to cause a denial of service via a deeply nested JSON object supplied in a JWT claim set, because of uncontrolled recursion. NOTE: this is independent of the Gson 2.11.0 issue because the Connect2id product could have checked the JSON object nesting depth, regardless of what limits (if any) were imposed by Gson."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-674",
"description": "CWE-674 Uncontrolled Recursion",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-23T18:38:15.547Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://bitbucket.org/connect2id/nimbus-jose-jwt/issues/583/stackoverflowerror-due-to-deeply-nested"
},
{
"url": "https://github.com/google/gson/compare/gson-parent-2.11.0...gson-parent-2.12.0"
},
{
"url": "https://github.com/google/gson/commit/1039427ff0100293dd3cf967a53a55282c0fef6b"
},
{
"url": "https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/f7fb882cc08f027c9ceb874acec3b51c6222861c"
},
{
"url": "https://bitbucket.org/connect2id/nimbus-jose-jwt/issues/593/back-port-cve-2025-53864-fix-to-9x-branch"
}
],
"x_generator": {
"engine": "enrichogram 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-53864",
"datePublished": "2025-07-11T00:00:00.000Z",
"dateReserved": "2025-07-11T00:00:00.000Z",
"dateUpdated": "2025-09-23T18:38:15.547Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation
Phase: Implementation
Description:
- Ensure that an end condition will be reached under all logic conditions. The end condition may include checking against the depth of recursion and exiting with an error if the recursion goes too deep. The complexity of the end condition contributes to the effectiveness of this action.
Mitigation
Phase: Implementation
Description:
- Increase the stack size.
CAPEC-230: Serialized Data with Nested Payloads
Applications often need to transform data in and out of a data format (e.g., XML and YAML) by using a parser. It may be possible for an adversary to inject data that may have an adverse effect on the parser when it is being processed. Many data format languages allow the definition of macro-like structures that can be used to simplify the creation of complex structures. By nesting these structures, causing the data to be repeatedly substituted, an adversary can cause the parser to consume more resources while processing, causing excessive memory consumption and CPU utilization.
CAPEC-231: Oversized Serialized Data Payloads
An adversary injects oversized serialized data payloads into a parser during data processing to produce adverse effects upon the parser such as exhausting system resources and arbitrary code execution.