The product does not properly control the amount of recursion that takes place, consuming excessive resources, such as allocated memory or the program stack.
430 vulnerabilities with CWE-674
CVE-2022-38334
MEDIUM
xpdf < 4.04 - Stack Overflow in Catalog::countPageTree()
CVSS 5.5
CVE-2022-3222
MEDIUM
gpac < 2.1 - Uncontrolled Recursion
CVSS 5.5
CVE-2022-3216
MEDIUM
Nintendo Game Boy Color - Memory Corruption
CVSS 5.0
CVE-2022-23460
MEDIUM
json++ - Denial of Service via Stack Exhaustion in JSON Parsing
CVSS 5.9
CVE-2022-20382
MEDIUM
Android - Out-of-Bounds Write via Kernel Stack Overflow
CVSS 6.7
CVE-2022-30635
HIGH
Go <1.17.12, <1.18.4 - Use After Free
CVSS 7.5
CVE-2022-30633
HIGH
Go <1.17.12, <1.18.4 - Use After Free
CVSS 7.5
CVE-2022-30632
HIGH
Go <1.17.12, <1.18.4 - Use After Free
CVSS 7.5
CVE-2022-30631
HIGH
Go <1.17.12, <1.18.4 - Use After Free
CVSS 7.5
CVE-2022-30630
HIGH
io/fs <1.17.12, 1.18.4 - Use After Free
CVSS 7.5
CVE-2022-28131
HIGH
Go <1.17.12, 1.18.4 - Use After Free
CVSS 7.5
CVE-2022-1962
MEDIUM
Go <1.17.12, <1.18.4 - Memory Corruption
CVSS 5.5
CVE-2022-37315
HIGH
graphql-go <0.8.0 - Info Disclosure
CVSS 7.5
CVE-2022-31173
HIGH
Juniper < 0.15.10 - Uncontrolled Recursion
CVSS 7.5
CVE-2022-31052
MEDIUM
Synapse < 1.61.1 - Denial of Service via URL Preview Recursion
CVSS 6.5
CVE-2022-31099
MEDIUM
pomsky < 0.4.3 - Denial of Service via Stack Overflow in Expression Parsing
CVSS 6.5
CVE-2022-31019
HIGH
Vapor < 4.61.1 - Denial of Service via Uncontrolled Recursion in Automatic Content Decoding
CVSS 7.5
CVE-2022-1771
MEDIUM
Vim <8.2.4975 - Denial of Service via Uncontrolled Recursion
CVSS 5.5
CVE-2022-30974
MEDIUM
Artifex MuJS <1.2.0 - Buffer Overflow
CVSS 5.5
CVE-2022-24675
HIGH
Go <1.17.9, <1.18.0 - Buffer Overflow
CVSS 7.5
CVE-2022-28773
HIGH
SAP Web Dispatcher/SAP Internet Communication Manager - DoS
CVSS 7.5
CVE-2022-23974
HIGH
Apache Pinot < 0.10.0 - Denial of Service via Segment Upload Path
CVSS 7.5
CVE-2022-27943
MEDIUM
GNU GCC 11.2 - Stack Exhaustion via Rust Demangler Recursion
CVSS 5.5
CVE-2022-24921
HIGH
Go <1.16.15, <1.17.8 - Stack Exhaustion
CVSS 7.5
CVE-2022-23606
MEDIUM
Envoy 1.20.0-1.20.1 - Denial of Service via Cluster Deletion Recursion
CVSS 4.4
Details
Vulnerabilities
430