CWE-835
AllowedLoop with Unreachable Exit Condition ('Infinite Loop')
Abstraction: Base · Status: Incomplete
The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.
1052 vulnerabilities reference this CWE, most recent first.
GHSA-Q6GQ-997W-F55G
Vulnerability from github – Published: 2021-12-16 19:16 – Updated: 2025-10-14 19:37Withdrawn Advisory
This advisory has been withdrawn because alerts cannot be issued for the Go standard library at this time.
Original Description
Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs.
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/ulikunitz/xz"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.5.8"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2020-16845"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": true,
"github_reviewed_at": "2021-06-18T22:05:40Z",
"nvd_published_at": "2020-08-06T18:15:00Z",
"severity": "HIGH"
},
"details": "### Withdrawn Advisory\nThis advisory has been withdrawn because alerts cannot be issued for the Go standard library at this time.\n\n### Original Description\nGo before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs.",
"id": "GHSA-q6gq-997w-f55g",
"modified": "2025-10-14T19:37:19Z",
"published": "2021-12-16T19:16:40Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-16845"
},
{
"type": "WEB",
"url": "https://github.com/ulikunitz/xz/issues/35"
},
{
"type": "WEB",
"url": "https://github.com/ulikunitz/xz/commit/69c6093c7b2397b923acf82cb378f55ab2652b9b"
},
{
"type": "WEB",
"url": "https://groups.google.com/forum/#!topic/golang-announce/NyPIaucMgXo"
},
{
"type": "WEB",
"url": "https://groups.google.com/forum/#!topic/golang-announce/_ulYYcIWg3Q"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00037.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00038.html"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6RCFJTMKHY5ICGEM5BUFUEDDGSPJ25XU"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KWRBAH4UZJO3RROQ72SYCUPFCJFA22FO"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TACQFZDPA7AUR6TRZBCX2RGRFSDYLI7O"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WV2VWKFTH4EJGZBZALVUJQJOAQB5MDQ4"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20200924-0002"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2021/dsa-4848"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00021.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00028.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00029.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00030.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "Withdrawn Advisory: Infinite loop in xz",
"withdrawn": "2025-10-14T19:37:18Z"
}
GHSA-Q74V-9PHF-C8WH
Vulnerability from github – Published: 2022-05-13 01:13 – Updated: 2025-04-20 03:38QEMU (aka Quick Emulator), when built with the e1000e NIC emulation support, allows local guest OS privileged users to cause a denial of service (infinite loop) via vectors related to setting the initial receive / transmit descriptor head (TDH/RDH) outside the allocated descriptor buffer.
{
"affected": [],
"aliases": [
"CVE-2017-9310"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-06-08T16:29:00Z",
"severity": "MODERATE"
},
"details": "QEMU (aka Quick Emulator), when built with the e1000e NIC emulation support, allows local guest OS privileged users to cause a denial of service (infinite loop) via vectors related to setting the initial receive / transmit descriptor head (TDH/RDH) outside the allocated descriptor buffer.",
"id": "GHSA-q74v-9phf-c8wh",
"modified": "2025-04-20T03:38:42Z",
"published": "2022-05-13T01:13:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9310"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:2392"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:2408"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1452620"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201706-03"
},
{
"type": "WEB",
"url": "http://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=4154c7e03fa55b4cf52509a83d50d6c09d743b7"
},
{
"type": "WEB",
"url": "http://git.qemu.org/?p=qemu.git;a=commitdiff;h=4154c7e03fa55b4cf52509a83d50d6c09d743b7"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2017/dsa-3920"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2017/05/31/1"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/98766"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-Q7P8-H39R-CM7R
Vulnerability from github – Published: 2022-05-24 17:06 – Updated: 2022-05-24 17:06In a Point-to-Multipoint (P2MP) Label Switched Path (LSP) scenario, an uncontrolled resource consumption vulnerability in the Routing Protocol Daemon (RPD) in Juniper Networks Junos OS allows a specific SNMP request to trigger an infinite loop causing a high CPU usage Denial of Service (DoS) condition. This issue affects both SNMP over IPv4 and IPv6. This issue affects: Juniper Networks Junos OS: 12.3X48 versions prior to 12.3X48-D90; 15.1 versions prior to 15.1R7-S6; 15.1X49 versions prior to 15.1X49-D200; 15.1X53 versions prior to 15.1X53-D238, 15.1X53-D592; 16.1 versions prior to 16.1R7-S5; 16.2 versions prior to 16.2R2-S11; 17.1 versions prior to 17.1R3-S1; 17.2 versions prior to 17.2R3-S2; 17.3 versions prior to 17.3R3-S7; 17.4 versions prior to 17.4R2-S4, 17.4R3; 18.1 versions prior to 18.1R3-S5; 18.2 versions prior to 18.2R3; 18.2X75 versions prior to 18.2X75-D50; 18.3 versions prior to 18.3R2; 18.4 versions prior to 18.4R2; 19.1 versions prior to 19.1R2.
{
"affected": [],
"aliases": [
"CVE-2020-1600"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-01-15T09:15:00Z",
"severity": "MODERATE"
},
"details": "In a Point-to-Multipoint (P2MP) Label Switched Path (LSP) scenario, an uncontrolled resource consumption vulnerability in the Routing Protocol Daemon (RPD) in Juniper Networks Junos OS allows a specific SNMP request to trigger an infinite loop causing a high CPU usage Denial of Service (DoS) condition. This issue affects both SNMP over IPv4 and IPv6. This issue affects: Juniper Networks Junos OS: 12.3X48 versions prior to 12.3X48-D90; 15.1 versions prior to 15.1R7-S6; 15.1X49 versions prior to 15.1X49-D200; 15.1X53 versions prior to 15.1X53-D238, 15.1X53-D592; 16.1 versions prior to 16.1R7-S5; 16.2 versions prior to 16.2R2-S11; 17.1 versions prior to 17.1R3-S1; 17.2 versions prior to 17.2R3-S2; 17.3 versions prior to 17.3R3-S7; 17.4 versions prior to 17.4R2-S4, 17.4R3; 18.1 versions prior to 18.1R3-S5; 18.2 versions prior to 18.2R3; 18.2X75 versions prior to 18.2X75-D50; 18.3 versions prior to 18.3R2; 18.4 versions prior to 18.4R2; 19.1 versions prior to 19.1R2.",
"id": "GHSA-q7p8-h39r-cm7r",
"modified": "2022-05-24T17:06:21Z",
"published": "2022-05-24T17:06:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1600"
},
{
"type": "WEB",
"url": "https://kb.juniper.net/JSA10979"
},
{
"type": "WEB",
"url": "https://prsearch.juniper.net/InfoCenter/index?page=prcontent\u0026id=PR1402185"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-Q7WX-433J-27HV
Vulnerability from github – Published: 2022-05-24 17:48 – Updated: 2025-03-11 12:30A vulnerability has been identified in Nucleus 4 (All versions < V4.1.0), Nucleus NET (All versions), Nucleus ReadyStart (All versions), Nucleus Source Code (versions including affected IPv6 stack), VSTAR (versions including affected IPv6 stack). The function that processes the Hop-by-Hop extension header in IPv6 packets and its options lacks any checks against the length field of the header, allowing attackers to put the function into an infinite loop by supplying arbitrary length values.
{
"affected": [],
"aliases": [
"CVE-2021-25664"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-04-22T21:15:00Z",
"severity": "HIGH"
},
"details": "A vulnerability has been identified in Nucleus 4 (All versions \u003c V4.1.0), Nucleus NET (All versions), Nucleus ReadyStart (All versions), Nucleus Source Code (versions including affected IPv6 stack), VSTAR (versions including affected IPv6 stack). The function that processes the Hop-by-Hop extension header in IPv6 packets and its options lacks any checks against the length field of the header, allowing attackers to put the function into an infinite loop by supplying arbitrary length values.",
"id": "GHSA-q7wx-433j-27hv",
"modified": "2025-03-11T12:30:58Z",
"published": "2022-05-24T17:48:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-25664"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-248289.html"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-248289.pdf"
},
{
"type": "WEB",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-05"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-Q844-WPFG-W2H9
Vulnerability from github – Published: 2024-09-13 09:30 – Updated: 2024-09-19 15:30In the Linux kernel, the following vulnerability has been resolved:
libfs: fix infinite directory reads for offset dir
After we switch tmpfs dir operations from simple_dir_operations to simple_offset_dir_operations, every rename happened will fill new dentry to dest dir's maple tree(&SHMEM_I(inode)->dir_offsets->mt) with a free key starting with octx->newx_offset, and then set newx_offset equals to free key + 1. This will lead to infinite readdir combine with rename happened at the same time, which fail generic/736 in xfstests(detail show as below).
- create 5000 files(1 2 3...) under one dir
- call readdir(man 3 readdir) once, and get one entry
- rename(entry, "TEMPFILE"), then rename("TEMPFILE", entry)
- loop 2~3, until readdir return nothing or we loop too many times(tmpfs break test with the second condition)
We choose the same logic what commit 9b378f6ad48cf ("btrfs: fix infinite directory reads") to fix it, record the last_index when we open dir, and do not emit the entry which index >= last_index. The file->private_data now used in offset dir can use directly to do this, and we also update the last_index when we llseek the dir file.
[brauner: only update last_index after seek when offset is zero like Jan suggested]
{
"affected": [],
"aliases": [
"CVE-2024-46701"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-09-13T07:15:05Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibfs: fix infinite directory reads for offset dir\n\nAfter we switch tmpfs dir operations from simple_dir_operations to\nsimple_offset_dir_operations, every rename happened will fill new dentry\nto dest dir\u0027s maple tree(\u0026SHMEM_I(inode)-\u003edir_offsets-\u003emt) with a free\nkey starting with octx-\u003enewx_offset, and then set newx_offset equals to\nfree key + 1. This will lead to infinite readdir combine with rename\nhappened at the same time, which fail generic/736 in xfstests(detail show\nas below).\n\n1. create 5000 files(1 2 3...) under one dir\n2. call readdir(man 3 readdir) once, and get one entry\n3. rename(entry, \"TEMPFILE\"), then rename(\"TEMPFILE\", entry)\n4. loop 2~3, until readdir return nothing or we loop too many\n times(tmpfs break test with the second condition)\n\nWe choose the same logic what commit 9b378f6ad48cf (\"btrfs: fix infinite\ndirectory reads\") to fix it, record the last_index when we open dir, and\ndo not emit the entry which index \u003e= last_index. The file-\u003eprivate_data\nnow used in offset dir can use directly to do this, and we also update\nthe last_index when we llseek the dir file.\n\n[brauner: only update last_index after seek when offset is zero like Jan suggested]",
"id": "GHSA-q844-wpfg-w2h9",
"modified": "2024-09-19T15:30:49Z",
"published": "2024-09-13T09:30:32Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-46701"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/308b4fc2403b335894592ee9dc212a5e58bb309f"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/64a7ce76fb901bf9f9c36cf5d681328fc0fd4b5a"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-Q8C2-FV73-QC5X
Vulnerability from github – Published: 2022-05-13 01:23 – Updated: 2022-05-13 01:23In ImageMagick 7.0.8-13 Q16, there is an infinite loop in the ReadBMPImage function of the coders/bmp.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file.
{
"affected": [],
"aliases": [
"CVE-2018-18024"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-10-07T18:29:00Z",
"severity": "MODERATE"
},
"details": "In ImageMagick 7.0.8-13 Q16, there is an infinite loop in the ReadBMPImage function of the coders/bmp.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file.",
"id": "GHSA-q8c2-fv73-qc5x",
"modified": "2022-05-13T01:23:17Z",
"published": "2022-05-13T01:23:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-18024"
},
{
"type": "WEB",
"url": "https://github.com/ImageMagick/ImageMagick/issues/1337"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4034-1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-Q8MX-78GM-98MH
Vulnerability from github – Published: 2023-01-20 21:30 – Updated: 2023-02-02 18:30When a file is processed, an infinite loop occurs in next_inline() of the more_curly() function.
{
"affected": [],
"aliases": [
"CVE-2021-33642"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-01-20T21:15:00Z",
"severity": "HIGH"
},
"details": "When a file is processed, an infinite loop occurs in next_inline() of the more_curly() function.",
"id": "GHSA-q8mx-78gm-98mh",
"modified": "2023-02-02T18:30:30Z",
"published": "2023-01-20T21:30:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33642"
},
{
"type": "WEB",
"url": "https://gitee.com/src-openeuler/byacc/commit/50225f48c6b53e9d7c936681a06682404cb8ec4d"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-Q98G-HXG3-268C
Vulnerability from github – Published: 2024-08-22 21:31 – Updated: 2025-11-04 00:31There is a HIGH severity vulnerability affecting the CPython "zipfile" module.
When iterating over names of entries in a zip archive (for example, methods of "zipfile.ZipFile" like "namelist()", "iterdir()", "extractall()", etc) the process can be put into an infinite loop with a maliciously crafted zip archive. This defect applies when reading only metadata or extracting the contents of the zip archive. Programs that are not handling user-controlled zip archives are not affected.
{
"affected": [],
"aliases": [
"CVE-2024-8088"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-08-22T19:15:09Z",
"severity": "HIGH"
},
"details": "There is a HIGH severity vulnerability affecting the CPython \"zipfile\"\nmodule.\n\n\n\n\n\nWhen iterating over names of entries in a zip archive (for example, methods\nof \"zipfile.ZipFile\" like \"namelist()\", \"iterdir()\", \"extractall()\", etc)\nthe process can be put into an infinite loop with a maliciously crafted\nzip archive. This defect applies when reading only metadata or extracting\nthe contents of the zip archive. Programs that are not handling\nuser-controlled zip archives are not affected.",
"id": "GHSA-q98g-hxg3-268c",
"modified": "2025-11-04T00:31:17Z",
"published": "2024-08-22T21:31:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8088"
},
{
"type": "WEB",
"url": "https://github.com/python/cpython/issues/123270"
},
{
"type": "WEB",
"url": "https://github.com/python/cpython/issues/122905"
},
{
"type": "WEB",
"url": "https://github.com/python/cpython/pull/122906"
},
{
"type": "WEB",
"url": "https://github.com/python/cpython/commit/fc0b8259e693caa8400fa8b6ac1e494e47ea7798"
},
{
"type": "WEB",
"url": "https://github.com/python/cpython/commit/e0264a61119d551658d9445af38323ba94fc16db"
},
{
"type": "WEB",
"url": "https://github.com/python/cpython/commit/dcc5182f27c1500006a1ef78e10613bb45788dea"
},
{
"type": "WEB",
"url": "https://github.com/python/cpython/commit/9cd03263100ddb1657826cc4a71470786cab3932"
},
{
"type": "WEB",
"url": "https://github.com/python/cpython/commit/962055268ed4f2ca1d717bfc8b6385de50a23ab7"
},
{
"type": "WEB",
"url": "https://github.com/python/cpython/commit/95b073bddefa6243effa08e131e297c0383e7f6a"
},
{
"type": "WEB",
"url": "https://github.com/python/cpython/commit/8c7348939d8a3ecd79d630075f6be1b0c5b41f64"
},
{
"type": "WEB",
"url": "https://github.com/python/cpython/commit/7e8883a3f04d308302361aeffc73e0e9837f19d4"
},
{
"type": "WEB",
"url": "https://github.com/python/cpython/commit/7bc367e464ce50b956dd232c1dfa1cad4e7fb814"
},
{
"type": "WEB",
"url": "https://github.com/python/cpython/commit/795f2597a4be988e2bb19b69ff9958e981cb894e"
},
{
"type": "WEB",
"url": "https://github.com/python/cpython/commit/2231286d78d328c2f575e0b05b16fe447d1656d6"
},
{
"type": "WEB",
"url": "https://github.com/python/cpython/commit/0aa1ee22ab6e204e9d3d0e9dd63ea648ed691ef1"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2024/12/msg00000.html"
},
{
"type": "WEB",
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/GNFCKVI4TCATKQLALJ5SN4L4CSPSMILU"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20241011-0010"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2024/08/22/1"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2024/08/22/4"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2024/08/23/1"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2024/08/23/2"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:X/RE:L/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-QC9P-MJXM-J2WJ
Vulnerability from github – Published: 2022-05-13 01:50 – Updated: 2023-01-24 18:32Asciidoctor in versions < 1.5.8 allows remote attackers to cause a denial of service (infinite loop). The loop was caused by the fact that Parser.next_block was not exhausting all the lines in the reader as the while loop expected it would. This was happening because the regular expression that detects any list was not agreeing with the regular expression that detects a specific list type. So the line kept getting pushed back onto the reader, hence causing the loop.
{
"affected": [
{
"package": {
"ecosystem": "RubyGems",
"name": "asciidoctor"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.5.8"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2018-18385"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": true,
"github_reviewed_at": "2023-01-24T18:32:26Z",
"nvd_published_at": "2018-10-16T16:50:00Z",
"severity": "HIGH"
},
"details": "Asciidoctor in versions \u003c 1.5.8 allows remote attackers to cause a denial of service (infinite loop). The loop was caused by the fact that `Parser.next_block` was not exhausting all the lines in the reader as the while loop expected it would. This was happening because the regular expression that detects any list was not agreeing with the regular expression that detects a specific list type. So the line kept getting pushed back onto the reader, hence causing the loop.",
"id": "GHSA-qc9p-mjxm-j2wj",
"modified": "2023-01-24T18:32:26Z",
"published": "2022-05-13T01:50:40Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-18385"
},
{
"type": "WEB",
"url": "https://github.com/asciidoctor/asciidoctor/issues/2888"
},
{
"type": "PACKAGE",
"url": "https://github.com/asciidoctor/asciidoctor"
},
{
"type": "WEB",
"url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/asciidoctor/CVE-2018-18385.yml"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "Asciidoctor Infinite Loop vulnerability"
}
GHSA-QFPF-9R3R-3X9C
Vulnerability from github – Published: 2024-10-08 18:33 – Updated: 2024-10-08 18:33Windows Standards-Based Storage Management Service Denial of Service Vulnerability
{
"affected": [],
"aliases": [
"CVE-2024-43512"
],
"database_specific": {
"cwe_ids": [
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-10-08T18:15:13Z",
"severity": "MODERATE"
},
"details": "Windows Standards-Based Storage Management Service Denial of Service Vulnerability",
"id": "GHSA-qfpf-9r3r-3x9c",
"modified": "2024-10-08T18:33:15Z",
"published": "2024-10-08T18:33:15Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43512"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43512"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.