CWE-835

Loop with Unreachable Exit Condition ('Infinite Loop')

Parent: CWE-834 - Excessive Iteration

The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

825 vulnerabilities with CWE-835
CVE-2019-13453 MEDIUM
zipios < 0.1.7 - Denial of Service via Malformed Zip Archive Handling
CVSS 6.5
CVE-2019-6638 MEDIUM
BIG-IP 14.0.0-14.0.0.4 and 14.1.0-14.1.0.5 - Denial of Service via Malformed HTTP Request to iControl REST Endpoint
CVSS 6.5
CVE-2019-3560 HIGH
Facebook Fizz < 2019.03.04.00 - Denial of Service via PlaintextRecordLayer Buffer Length Calculation
CVSS 7.5
CVE-2019-3900 HIGH
Linux Kernel <= 5.1-rc6 - Denial of Service via Infinite Loop in vhost_net
CVSS 7.7
CVE-2019-10900 HIGH
Wireshark 3.0.0 - Denial of Service via Rbm Dissector Infinite Loop
CVSS 7.5
CVE-2019-10898 HIGH
Wireshark 3.0.0 - Denial of Service via GSUP Dissector Infinite Loop
CVSS 7.5
CVE-2019-10897 HIGH
Wireshark 3.0.0 - Denial of Service via IEEE 802.11 Dissector Infinite Loop
CVSS 7.5
CVE-2019-3833 HIGH
openwsman <= 2.6.9 - Unauthenticated Denial of Service via Malicious HTTP Request
CVSS 7.5
CVE-2019-9747 HIGH
tinysvcmdns < 2018-01-16 - Denial of Service via mDNS Compressed Label Loop
CVSS 7.5
CVE-2019-6594 MEDIUM
BIG-IP 11.5.1-11.6.3.2, 12.1.3.4-12.1.3.7, 13.0.0 HF1-13.1.1.1, 14.0.0-14.0.0.2 - DoS via MPTCP DATA_FIN
CVSS 5.9
CVE-2019-1000020 MEDIUM
libarchive 2.8.0-3.4.0 - Denial of Service via ISO9660 Rockridge Extension Parsing
CVSS 6.5
CVE-2019-3819 MEDIUM
Linux Kernel >= 4.18 - Denial of Service via Infinite Loop in hid_debug_events_read
CVSS 4.4
CVE-2019-6462 MEDIUM
cairo 1.16.0 - Denial of Service via Infinite Loop in _arc_error_normalized
CVSS 6.5
CVE-2019-3573 MEDIUM
libsixel v1.8.2 - Infinite Loop in sixel_decode_raw_impl
CVSS 5.5
CVE-2018-20803 MEDIUM
MongoDB 3.4.0-3.4.18 - Authenticated Denial of Service via Infinite Loop in Mathematics Processing
CVSS 6.5
CVE-2018-17202 HIGH
Apache Commons Imaging and Sanselan - Denial of Service via Infinite Loop in Image Parsing
CVSS 7.5
CVE-2018-16789 HIGH
shellinabox < 2.20 - Denial of Service via Crafted Multipart Form Data Request
CVSS 7.5
CVE-2018-20784 CRITICAL
Linux Kernel < 4.20.2 - Denial of Service via Infinite Loop in update_blocked_averages
CVSS 9.8
CVE-2018-6687 MEDIUM
McAfee GetSusp < 3.0.0.461 - Denial of Service via Crafted File Scan
CVSS 5.5
CVE-2018-5818 HIGH
LibRaw < 0.19.1 - Denial of Service via Infinite Loop in parse_rollei()
CVSS 7.5
CVE-2018-20578 HIGH
NuttX < 7.27 - Denial of Service via Infinite Loop in netlib_parsehttpurl
CVSS 7.5
CVE-2018-20482 MEDIUM
GNU Tar < 1.30 - Denial of Service via Sparse File Shrinkage
CVSS 4.7
CVE-2018-20467 MEDIUM
ImageMagick < 6.9.10-16 - Denial of Service via Infinite Loop in BMP Coder
CVSS 6.5
CVE-2018-17197 MEDIUM
Apache Tika <1.19.1 - Info Disclosure
CVSS 6.5
CVE-2018-20348 MEDIUM
libpff < 20180714 - Denial of Service via Infinite Recursion in libpff_item_tree_create_node
CVSS 5.5
Details
Vulnerabilities 825
Links
MITRE CWE Entry Search this CWE With Exploits