CWE-835
AllowedLoop with Unreachable Exit Condition ('Infinite Loop')
Abstraction: Base · Status: Incomplete
The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.
1052 vulnerabilities reference this CWE, most recent first.
GHSA-P4GW-2VRQ-J64Q
Vulnerability from github – Published: 2022-05-24 17:07 – Updated: 2022-05-24 17:07In Jp2Image::readMetadata() in jp2image.cpp in Exiv2 0.27.2, an input file can result in an infinite loop and hang, with high CPU consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.
{
"affected": [],
"aliases": [
"CVE-2019-20421"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-01-27T05:15:00Z",
"severity": "HIGH"
},
"details": "In Jp2Image::readMetadata() in jp2image.cpp in Exiv2 0.27.2, an input file can result in an infinite loop and hang, with high CPU consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.",
"id": "GHSA-p4gw-2vrq-j64q",
"modified": "2022-05-24T17:07:27Z",
"published": "2022-05-24T17:07:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-20421"
},
{
"type": "WEB",
"url": "https://github.com/Exiv2/exiv2/issues/1011"
},
{
"type": "WEB",
"url": "https://github.com/Exiv2/exiv2/commit/a82098f4f90cd86297131b5663c3dec6a34470e8"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00028.html"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4270-1"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2021/dsa-4958"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-P4QW-7J9G-5H53
Vulnerability from github – Published: 2025-04-07 21:11 – Updated: 2025-04-08 17:49Impact
Incorrect number DER encoding can lead to denial on service for absolute values in the range 2**31 -- 2**32 - 1. The arithmetic in the numBitLen didn't take into account that values in this range could result in a negative result upon applying the >> operator, leading to an infinite loop.
In addition, number encoding had a few other issues that resulted it in it not encoding values correctly.
Patches
The issue is patched in version 1.0.4. Users are recommended to upgrade as soon as possible.
Workarounds
If upgrading is not an option, the issue can be mitigated by validating inputs to Asn1Integer to ensure that they are not smaller than -2**31 + 1 and no larger than 2**31 - 1. Although Asn1Integer supports bigint inputs, some additional implementation issues make using bigint as a mitigation inviable, as it will result in incorrect values.
If upgrading is not an option and range checks are impractical or undesirable, input to Asn1Integer can be provided as a buffer to be used directly. Note that this requires computing the correct DER encoding externally.
References
N/A
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "@apeleghq/asn1-der"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.0.4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-32029"
],
"database_specific": {
"cwe_ids": [
"CWE-1335",
"CWE-835"
],
"github_reviewed": true,
"github_reviewed_at": "2025-04-07T21:11:19Z",
"nvd_published_at": "2025-04-07T21:15:42Z",
"severity": "MODERATE"
},
"details": "### Impact\n\nIncorrect `number` DER encoding can lead to denial on service for absolute values in the range `2**31` -- `2**32 - 1`. The arithmetic in the `numBitLen` didn\u0027t take into account that values in this range could result in a negative result upon applying the `\u003e\u003e` operator, leading to an infinite loop.\n\nIn addition, `number` encoding had a few other issues that resulted it in it not encoding values correctly.\n\n### Patches\n\nThe issue is patched in version `1.0.4`. Users are recommended to upgrade as soon as possible.\n\n### Workarounds\n\nIf upgrading is not an option, the issue can be mitigated by validating inputs to `Asn1Integer` to ensure that they are not smaller than `-2**31 + 1` and no larger than `2**31 - 1`. Although `Asn1Integer` supports `bigint` inputs, some additional implementation issues make using `bigint` as a mitigation inviable, as it will result in incorrect values.\n\nIf upgrading is not an option and range checks are impractical or undesirable, input to `Asn1Integer` can be provided as a buffer to be used directly. Note that this requires computing the correct DER encoding externally.\n\n### References\n\nN/A",
"id": "GHSA-p4qw-7j9g-5h53",
"modified": "2025-04-08T17:49:39Z",
"published": "2025-04-07T21:11:19Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/ApelegHQ/ts-asn1-der/security/advisories/GHSA-p4qw-7j9g-5h53"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-32029"
},
{
"type": "WEB",
"url": "https://github.com/ApelegHQ/ts-asn1-der/commit/b2bc9032cbe19755d234a27d79e47a7e52993af8"
},
{
"type": "PACKAGE",
"url": "https://github.com/ApelegHQ/ts-asn1-der"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "ts-asn1-der has Incorrect DER Encoding of Numbers Leading to Denial of Service and Incorrect Value Representation"
}
GHSA-P4RV-2523-RG59
Vulnerability from github – Published: 2022-05-01 01:52 – Updated: 2022-05-01 01:52FileZilla FTP server before 0.9.6, when using MODE Z (zlib compression), allows remote attackers to cause a denial of service (infinite loop) via certain file uploads or directory listings.
{
"affected": [],
"aliases": [
"CVE-2005-0851"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2005-05-02T04:00:00Z",
"severity": "MODERATE"
},
"details": "FileZilla FTP server before 0.9.6, when using MODE Z (zlib compression), allows remote attackers to cause a denial of service (infinite loop) via certain file uploads or directory listings.",
"id": "GHSA-p4rv-2523-rg59",
"modified": "2022-05-01T01:52:39Z",
"published": "2022-05-01T01:52:39Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2005-0851"
},
{
"type": "WEB",
"url": "http://sourceforge.net/project/shownotes.php?group_id=21558\u0026release_id=314473"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/12865"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-P53Q-5J5X-MJ95
Vulnerability from github – Published: 2022-05-24 16:58 – Updated: 2023-02-04 00:30An issue was discovered in Xen through 4.12.x allowing Arm domU attackers to cause a denial of service (infinite loop) involving a LoadExcl or StoreExcl operation.
{
"affected": [],
"aliases": [
"CVE-2019-17349"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-10-08T01:15:00Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in Xen through 4.12.x allowing Arm domU attackers to cause a denial of service (infinite loop) involving a LoadExcl or StoreExcl operation.",
"id": "GHSA-p53q-5j5x-mj95",
"modified": "2023-02-04T00:30:37Z",
"published": "2022-05-24T16:58:10Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17349"
},
{
"type": "WEB",
"url": "https://seclists.org/bugtraq/2020/Jan/21"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2020/dsa-4602"
},
{
"type": "WEB",
"url": "https://xenbits.xen.org/xsa/advisory-295.html"
},
{
"type": "WEB",
"url": "http://xenbits.xen.org/xsa/advisory-295.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-P5MR-2VJP-C5M9
Vulnerability from github – Published: 2023-03-24 21:30 – Updated: 2023-03-29 18:30In multiple locations, there is a possible way to trigger a persistent reboot loop due to improper input validation. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-246750467
{
"affected": [],
"aliases": [
"CVE-2023-20999"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-03-24T20:15:00Z",
"severity": "MODERATE"
},
"details": "In multiple locations, there is a possible way to trigger a persistent reboot loop due to improper input validation. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-246750467",
"id": "GHSA-p5mr-2vjp-c5m9",
"modified": "2023-03-29T18:30:30Z",
"published": "2023-03-24T21:30:51Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20999"
},
{
"type": "WEB",
"url": "https://source.android.com/security/bulletin/pixel/2023-03-01"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-P5XV-5G6H-QW33
Vulnerability from github – Published: 2023-09-13 18:31 – Updated: 2024-05-22 18:30A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong exit condition may lead to an infinite loop when inflating an attacker controlled zlib buffer in the inflate_buffer function. This could allow a remote authenticated client who is able to send a clipboard to the VNC server to trigger a denial of service.
{
"affected": [],
"aliases": [
"CVE-2023-3255"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-09-13T17:15:09Z",
"severity": "MODERATE"
},
"details": "A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong exit condition may lead to an infinite loop when inflating an attacker controlled zlib buffer in the `inflate_buffer` function. This could allow a remote authenticated client who is able to send a clipboard to the VNC server to trigger a denial of service.",
"id": "GHSA-p5xv-5g6h-qw33",
"modified": "2024-05-22T18:30:37Z",
"published": "2023-09-13T18:31:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3255"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2024:2135"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2024:2962"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2023-3255"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2218486"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20231020-0008"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-P685-5HHQ-666F
Vulnerability from github – Published: 2022-05-13 01:44 – Updated: 2022-05-13 01:44An issue was discovered in Exempi before 2.4.4. The ASF_Support::ReadHeaderObject function in XMPFiles/source/FormatSupport/ASF_Support.cpp allows remote attackers to cause a denial of service (infinite loop) via a crafted .asf file.
{
"affected": [],
"aliases": [
"CVE-2017-18236"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-03-15T19:29:00Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in Exempi before 2.4.4. The ASF_Support::ReadHeaderObject function in XMPFiles/source/FormatSupport/ASF_Support.cpp allows remote attackers to cause a denial of service (infinite loop) via a crafted .asf file.",
"id": "GHSA-p685-5hhq-666f",
"modified": "2022-05-13T01:44:37Z",
"published": "2022-05-13T01:44:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18236"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:2048"
},
{
"type": "WEB",
"url": "https://bugs.freedesktop.org/show_bug.cgi?id=102484"
},
{
"type": "WEB",
"url": "https://cgit.freedesktop.org/exempi/commit/?id=fe59605d3520bf2ca4e0a963d194f10e9fee5806"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00013.html"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3668-1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-P699-3WGC-7H72
Vulnerability from github – Published: 2018-10-17 15:43 – Updated: 2023-02-28 22:57Versions of the package org.apache.tika:tika-parsers before version 1.18 are vulnerable to Denial of Service (DoS) via a carefully crafted (or fuzzed) file that can trigger an infinite loop via the ChmParser.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.tika:tika-parsers"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.18"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2018-1339"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": true,
"github_reviewed_at": "2020-06-16T21:48:16Z",
"nvd_published_at": null,
"severity": "MODERATE"
},
"details": "Versions of the package `org.apache.tika:tika-parsers` before version 1.18 are vulnerable to Denial of Service (DoS) via a carefully crafted (or fuzzed) file that can trigger an infinite loop via the ChmParser.",
"id": "GHSA-p699-3wgc-7h72",
"modified": "2023-02-28T22:57:51Z",
"published": "2018-10-17T15:43:59Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1339"
},
{
"type": "WEB",
"url": "https://github.com/apache/tika/commit/1b6ca3685c196cfd89f5f95c19cc919ce10c5aff#diff-43f8cbe58aaab159ce88bd95fafc46dd"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2018:2669"
},
{
"type": "PACKAGE",
"url": "https://github.com/apache/tika"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/4d2cb5c819401bb075e2a1130e0d14f0404a136541a6f91da0225828@%3Cdev.tika.apache.org%3E"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "org.apache.tika:tika-parsers has an Infinite Loop vulnerability"
}
GHSA-P6MJ-RQHQ-7523
Vulnerability from github – Published: 2022-09-02 00:01 – Updated: 2022-09-08 00:00An infinite loop may be triggered in display_debug_abbrev() function in binutils/dwarf.c while opening a crafted ELF, which may lead to denial of service by a local attacker.
{
"affected": [],
"aliases": [
"CVE-2022-38128"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-09-01T21:15:00Z",
"severity": "MODERATE"
},
"details": "An infinite loop may be triggered in display_debug_abbrev() function in binutils/dwarf.c while opening a crafted ELF, which may lead to denial of service by a local attacker.",
"id": "GHSA-p6mj-rqhq-7523",
"modified": "2022-09-08T00:00:33Z",
"published": "2022-09-02T00:01:01Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38128"
},
{
"type": "WEB",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=29370"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-P7R7-9M7F-QM95
Vulnerability from github – Published: 2022-05-13 01:47 – Updated: 2025-04-20 03:36PoDoFo 0.9.5 allows denial of service (infinite recursion and stack consumption) via a crafted PDF file in PoDoFo::PdfParser::ReadDocumentStructure (PdfParser.cpp).
{
"affected": [],
"aliases": [
"CVE-2017-8053"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-04-22T21:59:00Z",
"severity": "MODERATE"
},
"details": "PoDoFo 0.9.5 allows denial of service (infinite recursion and stack consumption) via a crafted PDF file in PoDoFo::PdfParser::ReadDocumentStructure (PdfParser.cpp).",
"id": "GHSA-p7r7-9m7f-qm95",
"modified": "2025-04-20T03:36:29Z",
"published": "2022-05-13T01:47:15Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-8053"
},
{
"type": "WEB",
"url": "http://openwall.com/lists/oss-security/2017/04/22/1"
},
{
"type": "WEB",
"url": "http://www.evernote.com/l/AnGe5jS_MvNDaZvZW-fzvV37H4ggSf5IkQo"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.