VYPR

CWE-835

Loop with Unreachable Exit Condition ('Infinite Loop')

BaseIncomplete

Description

The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

Hierarchy (View 1000)

Parents

Children

none

CVEs mapped to this weakness (456)

page 14 of 23
  • CVE-2026-35406MedApr 7, 2026
    risk 0.33cvss 6.2epss 0.00

    Aardvark-dns is an authoritative dns server for A/AAAA container records. From 1.16.0 to 1.17.0, a truncated TCP DNS query followed by a connection reset causes aardvark-dns to enter an unrecoverable infinite error loop at 100% CPU. This vulnerability is fixed in 1.17.1.

  • CVE-2026-4179MedMar 16, 2026
    risk 0.33cvss 6.1epss 0.00

    Issues in stm32 USB device driver (drivers/usb/device/usb_dc_stm32.c) can lead to an infinite while loop.

  • CVE-2024-5569MedJul 9, 2024
    risk 0.33cvss 6.2epss 0.00

    A Denial of Service (DoS) vulnerability exists in the jaraco/zipp library, affecting all versions prior to 3.19.1. The vulnerability is triggered when processing a specially crafted zip file that leads to an infinite loop. This issue also impacts the zipfile module of CPython,…

  • CVE-2024-2397MedApr 12, 2024
    risk 0.33cvss 6.2epss 0.00

    Due to a bug in packet data buffers management, the PPP printer in tcpdump can enter an infinite loop when reading a crafted DLT_PPP_SERIAL .pcap savefile. This problem does not affect any tcpdump release, but it affected the git master branch from 2023-06-05 to 2024-03-21.

  • CVE-2015-8785MedFeb 8, 2016
    risk 0.33cvss 6.2epss 0.01

    The fuse_fill_write_pages function in fs/fuse/file.c in the Linux kernel before 4.4 allows local users to cause a denial of service (infinite loop) via a writev system call that triggers a zero length for the first segment of an iov.

  • CVE-2023-50763MedJun 11, 2024
    risk 0.32cvss 4.9epss 0.00

    A vulnerability has been identified in SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions < V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions < V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL…

  • CVE-2018-10912MedJul 23, 2018
    risk 0.32cvss 4.9epss 0.01

    keycloak before version 4.0.0.final is vulnerable to a infinite loop in session replacement. A Keycloak cluster with multiple nodes could mishandle an expired session replacement and lead to an infinite loop. A malicious authenticated user could use this flaw to achieve Denial…

  • CVE-2026-48733MedJun 10, 2026
    risk 0.31cvss 4.7epss 0.00

    ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-49 and 7.1.2-24, an infinite loop in the subimage-search operation can happen when using a crafted image. This issue has been patched in versions 6.9.13-49 and…

  • CVE-2024-24788MedMay 8, 2024
    risk 0.31cvss 5.9epss 0.01

    A malformed DNS message in response to a query can cause the Lookup functions to get stuck in an infinite loop.

  • CVE-2026-46146MedMay 28, 2026
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Avoid potential endless loop in convert_chmap_v3() The convert_chmap_v3() has a loop with its increment size of cs_desc->wLength, but we forgot to validate cs_desc->wLength itself, which may…

  • CVE-2026-42310MedMay 9, 2026
    risk 0.29cvss 5.5epss 0.00

    Pillow is a Python imaging library. From version 4.2.0 to before version 12.2.0, an attacker can supply a malicious PDF that causes the process to hang indefinitely, consuming 100% CPU and making the application unresponsive. This issue has been patched in version 12.2.0.

  • CVE-2026-43096MedMay 6, 2026
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: mshv: Fix infinite fault loop on permission-denied GPA intercepts Prevent infinite fault loops when guests access memory regions without proper permissions. Currently, mshv_handle_gpa_intercept() attempts to…

  • CVE-2026-6536MedApr 30, 2026
    risk 0.29cvss 5.5epss 0.00

    DLMS/COSEM protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4

  • CVE-2026-6534MedApr 30, 2026
    risk 0.29cvss 5.5epss 0.00

    USB HID protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

  • CVE-2026-6531MedApr 30, 2026
    risk 0.29cvss 5.5epss 0.00

    SANE protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

  • CVE-2026-6528MedApr 30, 2026
    risk 0.29cvss 5.5epss 0.00

    TLS protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 allows denial of service

  • CVE-2026-6523MedApr 30, 2026
    risk 0.29cvss 5.5epss 0.00

    GNW protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

  • CVE-2026-6522MedApr 30, 2026
    risk 0.29cvss 5.5epss 0.00

    RPKI-Router protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

  • CVE-2026-6521MedApr 30, 2026
    risk 0.29cvss 5.5epss 0.00

    OpenFlow v5 protocol dissector infinite loops in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

  • CVE-2026-6520MedApr 30, 2026
    risk 0.29cvss 5.5epss 0.00

    OpenFlow v6 protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service