CWE-835

Loop with Unreachable Exit Condition ('Infinite Loop')

Parent: CWE-834 - Excessive Iteration

The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

825 vulnerabilities with CWE-835
CVE-2022-21159 HIGH
libiec61850 1.5.0 - Denial of Service via Malformed IEC61850 Messages
CVSS 7.5
CVE-2022-24191 MEDIUM
htmldoc 1.9.14 - Infinite Loop and Buffer Overflow via GIF LZW Decompression
CVSS 5.5
CVE-2022-1222 MEDIUM
gpac < 2.0 - Denial of Service via Infinite Loop
CVSS 5.5
CVE-2022-24763 HIGH
PJSIP < 2.13 - Denial of Service via XML Parser Infinite Loop
CVSS 7.5
CVE-2022-23352 HIGH
BigAnt Server 5.6.06 - Denial of Service via Infinite Loop
CVSS 7.5
CVE-2022-0778 HIGH
OpenSSL 1.0.2-1.0.2zc, 1.1.1-1.1.1m, 3.0.0-3.0.1 - Denial of Service via BN_mod_sqrt Infinite Loop
CVSS 7.5
CVE-2022-0711 HIGH
HAProxy 2.2.0-2.2.20 - Denial of Service via Set-Cookie2 Header Processing
CVSS 7.5
CVE-2022-23641 MEDIUM
Discourse < 2.8.1 - Denial of Service via Streaming URL Onebox Parsing
CVSS 6.5
CVE-2022-0586 MEDIUM
Wireshark 3.4.0-3.4.11 and 3.6.0-3.6.1 - Denial of Service via RTMPT Protocol Dissector Infinite Loop
CVSS 6.3
CVE-2022-23833 HIGH
Django 2.2-2.2.26, 3.2-3.2.11, 4.0-4.0.1 - Denial of Service via MultiPartParser Infinite Loop
CVSS 7.5
CVE-2022-23596 HIGH
junrar < 7.4.1 - Infinite Loop via Crafted RAR Archive
CVSS 7.5
CVE-2022-23098 HIGH
Intel ConnMan < 1.40 - Denial of Service via DNS Proxy TCP Server
CVSS 7.5
CVE-2022-23968 HIGH
Xerox VersaLink Firmware < 42.01 - Unauthenticated Denial of Service via Crafted TIFF File
CVSS 7.5
CVE-2022-23437 MEDIUM
Apache Xerces-J < 2.12.1 - Denial of Service via Infinite Loop in XML Parser
CVSS 6.5
CVE-2021-47617 MEDIUM
Linux kernel 4.19.149-4.19.233 - Infinite Loop in PCIe Hotplug IRQ Handler
CVSS 5.5
CVE-2021-47448 MEDIUM
Linux Kernel 5.6-5.14.14 - Denial of Service via MPTCP recvmsg Infinite Loop
CVSS 5.5
CVE-2021-47406 MEDIUM
Linux Kernel 5.10-5.10.70 - Infinite Loop in ext4_ext_replay_set_iblocks
CVSS 5.5
CVE-2021-47159 MEDIUM
Linux Kernel 4.7-4.19.193 - Denial of Service via Negative Error Code in DSA get_sset_count Loop
CVSS 5.5
CVE-2021-42143 CRITICAL
Contiki-NG tinyDTLS < 2018-08-30 - Denial of Service via Malformed ClientHello Cipher Suite Length
CVSS 9.1
CVE-2021-33294 MEDIUM
elfutils 0.183 - Denial of Service via Infinite Loop in handle_symtab
CVSS 5.5
CVE-2021-33642 MEDIUM
byacc < 1.9.20200330 - Denial of Service via Infinite Loop in more_curly()
CVSS 5.5
CVE-2021-37819 HIGH
pdftk-java 3.2.3 - Denial of Service via Infinite Loop in PdfReader
CVSS 7.5
CVE-2021-44718 MEDIUM
wolfssl < 5.0.0 - Denial of Service via TLS Message Spoofing
CVSS 5.9
CVE-2021-46828 HIGH
libtirpc < 1.3.3 - Denial of Service via TCP Connection Mishandling
CVSS 7.5
CVE-2021-40592 MEDIUM
GPAC < 1.0.1 - Denial of Service via Infinite Loop in ISOBMFF Reader
CVSS 5.5
Details
Vulnerabilities 825
Links
MITRE CWE Entry Search this CWE With Exploits