VYPR

CWE-835

Loop with Unreachable Exit Condition ('Infinite Loop')

BaseIncomplete

Description

The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

Hierarchy (View 1000)

Parents

Children

none

CVEs mapped to this weakness (456)

page 11 of 23
  • CVE-2024-36288MedJun 21, 2024
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix loop termination condition in gss_free_in_token_pages() The in_token->pages[] array is not NULL terminated. This results in the following KASAN splat: KASAN: maybe wild-memory-access in range…

  • CVE-2024-35982MedMay 20, 2024
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: batman-adv: Avoid infinite loop trying to resize local TT If the MTU of one of an attached interface becomes too small to transmit the local translation table then it must be resized to fit inside all…

  • CVE-2019-3573MedJan 2, 2019
    risk 0.36cvss 5.5epss 0.01

    In libsixel v1.8.2, there is an infinite loop in the function sixel_decode_raw_impl() in the file fromsixel.c, as demonstrated by sixel2png.

  • CVE-2018-17042MedSep 14, 2018
    risk 0.36cvss 5.5epss 0.01

    An issue has been found in dbf2txt through 2012-07-19. It is a infinite loop.

  • CVE-2018-14567MedAug 16, 2018
    risk 0.36cvss 6.5epss 0.04

    libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251.

  • CVE-2018-11771MedAug 16, 2018
    risk 0.36cvss 5.5epss 0.05

    When reading a specially crafted ZIP archive, the read method of Apache Commons Compress 1.7 to 1.17's ZipArchiveInputStream can fail to return the correct EOF indication after the end of the stream has been reached. When combined with a java.io.InputStreamReader this can lead…

  • CVE-2017-18267MedMay 10, 2018
    risk 0.36cvss 5.5epss 0.02

    The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler through 0.64.0 allows remote attackers to cause a denial of service (infinite recursion) via a crafted PDF file, as demonstrated by pdftops.

  • CVE-2018-1338MedApr 25, 2018
    risk 0.36cvss 5.5epss 0.02

    A carefully crafted (or fuzzed) file can trigger an infinite loop in Apache Tika's BPGParser in versions of Apache Tika before 1.18.

  • CVE-2018-10289MedApr 22, 2018
    risk 0.36cvss 5.5epss 0.01

    In MuPDF 1.13.0, there is an infinite loop in the fz_skip_space function of the pdf/pdf-xref.c file. A remote adversary could leverage this vulnerability to cause a denial of service via a crafted pdf file.

  • CVE-2018-6253MedApr 2, 2018
    risk 0.36cvss 5.5epss 0.00

    NVIDIA GPU Display Driver contains a vulnerability in the DirectX and OpenGL Usermode drivers where a specially crafted pixel shader can cause infinite recursion leading to denial of service.

  • CVE-2018-9058MedMar 27, 2018
    risk 0.36cvss 5.5epss 0.01

    In Long Range Zip (aka lrzip) 0.631, there is an infinite loop in the runzip_fd function of runzip.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted lrz file.

  • CVE-2017-17150MedMar 9, 2018
    risk 0.36cvss 5.5epss 0.00

    Timergrp module in Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an DoS vulnerability due to insufficient…

  • CVE-2018-7453MedFeb 24, 2018
    risk 0.36cvss 5.5epss 0.01

    Infinite recursion in AcroForm::scanField in AcroForm.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file due to lack of loop checking, as demonstrated by pdftohtml.

  • CVE-2018-7174MedFeb 15, 2018
    risk 0.36cvss 5.5epss 0.01

    An issue was discovered in xpdf 4.00. An infinite loop in XRef::Xref allows an attacker to cause denial of service because loop detection exists only for tables, not streams.

  • CVE-2018-5786MedJan 19, 2018
    risk 0.36cvss 5.5epss 0.01

    In Long Range Zip (aka lrzip) 0.631, there is an infinite loop and application hang in the get_fileinfo function (lrzip.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted lrz file.

  • CVE-2018-5686MedJan 14, 2018
    risk 0.36cvss 5.5epss 0.01

    In MuPDF 1.12.0, there is an infinite loop vulnerability and application hang in the pdf_parse_array function (pdf/pdf-parse.c) because EOF is not considered. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted pdf file.

  • CVE-2018-5650MedJan 12, 2018
    risk 0.36cvss 5.5epss 0.01

    In Long Range Zip (aka lrzip) 0.631, there is an infinite loop and application hang in the unzip_match function in runzip.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted lrz file.

  • CVE-2017-15024MedOct 5, 2017
    risk 0.36cvss 5.5epss 0.02

    find_abstract_instance_name in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted ELF file.

  • CVE-2017-14934MedSep 30, 2017
    risk 0.36cvss 5.5epss 0.01

    process_debug_info in dwarf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (infinite loop) via a crafted ELF file that contains a negative size value in a CU structure.

  • CVE-2017-14933MedSep 30, 2017
    risk 0.36cvss 5.5epss 0.01

    read_formatted_entries in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (infinite loop) via a crafted ELF file.