Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2021-39204

Summary
Assigner-GitHub_M
Assigner Org ID-a0819718-46f1-4df5-94e2-005712e83aaa
Published At-09 Sep, 2021 | 22:10
Updated At-04 Aug, 2024 | 01:58
Rejected At-
Credits

Excessive CPU usage in Pomerium

Pomerium is an open source identity-aware access proxy. Envoy, which Pomerium is based on, incorrectly handles resetting of HTTP/2 streams with excessive complexity. This can lead to high CPU utilization when a large number of streams are reset. This can result in a DoS condition. Pomerium versions 0.14.8 and 0.15.1 contain an upgraded envoy binary with this vulnerability patched.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:GitHub_M
Assigner Org ID:a0819718-46f1-4df5-94e2-005712e83aaa
Published At:09 Sep, 2021 | 22:10
Updated At:04 Aug, 2024 | 01:58
Rejected At:
▼CVE Numbering Authority (CNA)
Excessive CPU usage in Pomerium

Pomerium is an open source identity-aware access proxy. Envoy, which Pomerium is based on, incorrectly handles resetting of HTTP/2 streams with excessive complexity. This can lead to high CPU utilization when a large number of streams are reset. This can result in a DoS condition. Pomerium versions 0.14.8 and 0.15.1 contain an upgraded envoy binary with this vulnerability patched.

Affected Products
Vendor
pomerium
Product
pomerium
Versions
Affected
  • < 0.14.8
  • >= 0.15.0, < 0.15.1
Problem Types
TypeCWE IDDescription
CWECWE-834CWE-834: Excessive Iteration
Type: CWE
CWE ID: CWE-834
Description: CWE-834: Excessive Iteration
Metrics
VersionBase scoreBase severityVector
3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://groups.google.com/g/envoy-announce/c/5xBpsEZZDfE/m/wD05NZBbAgAJ
x_refsource_MISC
https://github.com/envoyproxy/envoy/security/advisories/GHSA-3xh3-33v5-chcc
x_refsource_MISC
https://github.com/pomerium/pomerium/security/advisories/GHSA-5wjf-62hw-q78r
x_refsource_CONFIRM
Hyperlink: https://groups.google.com/g/envoy-announce/c/5xBpsEZZDfE/m/wD05NZBbAgAJ
Resource:
x_refsource_MISC
Hyperlink: https://github.com/envoyproxy/envoy/security/advisories/GHSA-3xh3-33v5-chcc
Resource:
x_refsource_MISC
Hyperlink: https://github.com/pomerium/pomerium/security/advisories/GHSA-5wjf-62hw-q78r
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://groups.google.com/g/envoy-announce/c/5xBpsEZZDfE/m/wD05NZBbAgAJ
x_refsource_MISC
x_transferred
https://github.com/envoyproxy/envoy/security/advisories/GHSA-3xh3-33v5-chcc
x_refsource_MISC
x_transferred
https://github.com/pomerium/pomerium/security/advisories/GHSA-5wjf-62hw-q78r
x_refsource_CONFIRM
x_transferred
Hyperlink: https://groups.google.com/g/envoy-announce/c/5xBpsEZZDfE/m/wD05NZBbAgAJ
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://github.com/envoyproxy/envoy/security/advisories/GHSA-3xh3-33v5-chcc
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://github.com/pomerium/pomerium/security/advisories/GHSA-5wjf-62hw-q78r
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security-advisories@github.com
Published At:09 Sep, 2021 | 22:15
Updated At:27 Sep, 2021 | 18:30

Pomerium is an open source identity-aware access proxy. Envoy, which Pomerium is based on, incorrectly handles resetting of HTTP/2 streams with excessive complexity. This can lead to high CPU utilization when a large number of streams are reset. This can result in a DoS condition. Pomerium versions 0.14.8 and 0.15.1 contain an upgraded envoy binary with this vulnerability patched.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary2.05.0MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
Type: Primary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Primary
Version: 2.0
Base score: 5.0
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P
CPE Matches
envoyproxy
envoyproxy
>>envoy>>Versions up to 1.16.4(inclusive)
cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*
envoyproxy
envoyproxy
>>envoy>>Versions from 1.17.0(inclusive) to 1.17.4(exclusive)
cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*
envoyproxy
envoyproxy
>>envoy>>Versions from 1.18.0(inclusive) to 1.18.4(exclusive)
cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*
envoyproxy
envoyproxy
>>envoy>>1.19.0
cpe:2.3:a:envoyproxy:envoy:1.19.0:*:*:*:*:*:*:*
pomerium
pomerium
>>pomerium>>Versions before 0.14.8(exclusive)
cpe:2.3:a:pomerium:pomerium:*:*:*:*:*:*:*:*
pomerium
pomerium
>>pomerium>>0.15.0
cpe:2.3:a:pomerium:pomerium:0.15.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-834Primarynvd@nist.gov
CWE-834Secondarysecurity-advisories@github.com
CWE ID: CWE-834
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-834
Type: Secondary
Source: security-advisories@github.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/envoyproxy/envoy/security/advisories/GHSA-3xh3-33v5-chccsecurity-advisories@github.com
Third Party Advisory
https://github.com/pomerium/pomerium/security/advisories/GHSA-5wjf-62hw-q78rsecurity-advisories@github.com
Third Party Advisory
https://groups.google.com/g/envoy-announce/c/5xBpsEZZDfE/m/wD05NZBbAgAJsecurity-advisories@github.com
Not Applicable
Hyperlink: https://github.com/envoyproxy/envoy/security/advisories/GHSA-3xh3-33v5-chcc
Source: security-advisories@github.com
Resource:
Third Party Advisory
Hyperlink: https://github.com/pomerium/pomerium/security/advisories/GHSA-5wjf-62hw-q78r
Source: security-advisories@github.com
Resource:
Third Party Advisory
Hyperlink: https://groups.google.com/g/envoy-announce/c/5xBpsEZZDfE/m/wD05NZBbAgAJ
Source: security-advisories@github.com
Resource:
Not Applicable

Change History

0
Information is not available yet

Similar CVEs

71Records found
CVE-2021-39924
Matching Score-4
Assigner-GitLab Inc.
ShareView Details
Matching Score-4
Assigner-GitLab Inc.
CVSS Score-7.5||HIGH
EPSS-0.16% / 36.92%
||
7 Day CHG~0.00%
Published-19 Nov, 2021 | 00:00
Updated-04 Aug, 2024 | 02:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Large loop in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file

Action-Not Available
Vendor-Wireshark FoundationDebian GNU/LinuxFedora Project
Product-wiresharkdebian_linuxfedoraWireshark
CWE ID-CWE-834
Excessive Iteration
CVE-2021-39923
Matching Score-4
Assigner-GitLab Inc.
ShareView Details
Matching Score-4
Assigner-GitLab Inc.
CVSS Score-7.5||HIGH
EPSS-1.58% / 80.84%
||
7 Day CHG~0.00%
Published-19 Nov, 2021 | 16:31
Updated-04 Aug, 2024 | 02:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Large loop in the PNRP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file

Action-Not Available
Vendor-Wireshark FoundationDebian GNU/Linux
Product-wiresharkdebian_linuxWireshark
CWE ID-CWE-834
Excessive Iteration
CVE-2021-4021
Matching Score-4
Assigner-Fedora Project
ShareView Details
Matching Score-4
Assigner-Fedora Project
CVSS Score-7.5||HIGH
EPSS-0.29% / 52.13%
||
7 Day CHG~0.00%
Published-24 Feb, 2022 | 18:50
Updated-03 Aug, 2024 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability was found in Radare2 in versions prior to 5.6.2, 5.6.0, 5.5.4 and 5.5.2. Mapping a huge section filled with zeros of an ELF64 binary for MIPS architecture can lead to uncontrolled resource consumption and DoS.

Action-Not Available
Vendor-n/aRadare2 (r2)
Product-radare2radare2
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-834
Excessive Iteration
CVE-2023-4043
Matching Score-4
Assigner-Eclipse Foundation
ShareView Details
Matching Score-4
Assigner-Eclipse Foundation
CVSS Score-5.9||MEDIUM
EPSS-0.04% / 12.68%
||
7 Day CHG~0.00%
Published-03 Nov, 2023 | 08:11
Updated-05 Sep, 2024 | 14:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Parsson DoS when parsing numbers from untrusted sources

In Eclipse Parsson before versions 1.1.4 and 1.0.5, Parsing JSON from untrusted sources can lead malicious actors to exploit the fact that the built-in support for parsing numbers with large scale in Java has a number of edge cases where the input text of a number can lead to much larger processing time than one would expect. To mitigate the risk, parsson put in place a size limit for the numbers as well as their scale.

Action-Not Available
Vendor-Eclipse Foundation AISBL
Product-parssonParsson
CWE ID-CWE-834
Excessive Iteration
CWE ID-CWE-20
Improper Input Validation
CVE-2023-33953
Matching Score-4
Assigner-Google LLC
ShareView Details
Matching Score-4
Assigner-Google LLC
CVSS Score-7.5||HIGH
EPSS-0.12% / 31.07%
||
7 Day CHG+0.02%
Published-09 Aug, 2023 | 12:54
Updated-27 Sep, 2024 | 18:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Denial-of-Service in gRPC

gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/ Three vectors were found that allow the following DOS attacks: - Unbounded memory buffering in the HPACK parser - Unbounded CPU consumption in the HPACK parser The unbounded CPU consumption is down to a copy that occurred per-input-block in the parser, and because that could be unbounded due to the memory copy bug we end up with an O(n^2) parsing loop, with n selected by the client. The unbounded memory buffering bugs: - The header size limit check was behind the string reading code, so we needed to first buffer up to a 4 gigabyte string before rejecting it as longer than 8 or 16kb. - HPACK varints have an encoding quirk whereby an infinite number of 0’s can be added at the start of an integer. gRPC’s hpack parser needed to read all of them before concluding a parse. - gRPC’s metadata overflow check was performed per frame, so that the following sequence of frames could cause infinite buffering: HEADERS: containing a: 1 CONTINUATION: containing a: 2 CONTINUATION: containing a: 3 etc…

Action-Not Available
Vendor-grpcgrpcGoogle LLC
Product-grpcgRPCgrpc
CWE ID-CWE-834
Excessive Iteration
CWE ID-CWE-789
Memory Allocation with Excessive Size Value
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2019-3552
Matching Score-4
Assigner-Meta Platforms, Inc.
ShareView Details
Matching Score-4
Assigner-Meta Platforms, Inc.
CVSS Score-7.5||HIGH
EPSS-0.40% / 59.90%
||
7 Day CHG~0.00%
Published-06 May, 2019 | 15:15
Updated-04 Aug, 2024 | 19:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

C++ Facebook Thrift servers (using cpp2) would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short messages which would take a long time for the server to parse, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2019.02.18.00.

Action-Not Available
Vendor-Facebook
Product-thriftFacebook Thrift
CWE ID-CWE-834
Excessive Iteration
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CVE-2023-26513
Matching Score-4
Assigner-Apache Software Foundation
ShareView Details
Matching Score-4
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-0.46% / 62.96%
||
7 Day CHG~0.00%
Published-20 Mar, 2023 | 12:20
Updated-13 Feb, 2025 | 14:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Sling Resource Merger: Requests to certain paths managed by the Apache Sling Resource Merger can lead to DoS

Excessive Iteration vulnerability in Apache Software Foundation Apache Sling Resource Merger.This issue affects Apache Sling Resource Merger: from 1.2.0 before 1.4.2.

Action-Not Available
Vendor-The Apache Software Foundation
Product-sling_resource_mergerApache Sling Resource Merger
CWE ID-CWE-834
Excessive Iteration
CVE-2019-9547
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.30% / 53.20%
||
7 Day CHG~0.00%
Published-01 Mar, 2019 | 22:00
Updated-16 Sep, 2024 | 18:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Storage Performance Development Kit (SPDK) before 19.01, a malicious vhost client (i.e., virtual machine) could carefully construct a circular descriptor chain that would result in a partial denial of service in the SPDK vhost target, because the vhost target did not properly detect such chains.

Action-Not Available
Vendor-spdkn/a
Product-storage_performance_development_kitn/a
CWE ID-CWE-834
Excessive Iteration
CVE-2019-3564
Matching Score-4
Assigner-Meta Platforms, Inc.
ShareView Details
Matching Score-4
Assigner-Meta Platforms, Inc.
CVSS Score-7.5||HIGH
EPSS-0.56% / 67.28%
||
7 Day CHG~0.00%
Published-06 May, 2019 | 15:15
Updated-04 Aug, 2024 | 19:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Go Facebook Thrift servers would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short messages which would take a long time for the server to parse, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2019.03.04.00.

Action-Not Available
Vendor-Facebook
Product-thriftFacebook Thrift
CWE ID-CWE-834
Excessive Iteration
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CVE-2019-3559
Matching Score-4
Assigner-Meta Platforms, Inc.
ShareView Details
Matching Score-4
Assigner-Meta Platforms, Inc.
CVSS Score-7.5||HIGH
EPSS-0.56% / 67.28%
||
7 Day CHG~0.00%
Published-06 May, 2019 | 15:15
Updated-04 Aug, 2024 | 19:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Java Facebook Thrift servers would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short messages which would take a long time for the server to parse, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2019.02.18.00.

Action-Not Available
Vendor-Facebook
Product-thriftFacebook Thrift
CWE ID-CWE-834
Excessive Iteration
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CVE-2019-3565
Matching Score-4
Assigner-Meta Platforms, Inc.
ShareView Details
Matching Score-4
Assigner-Meta Platforms, Inc.
CVSS Score-7.5||HIGH
EPSS-2.13% / 83.47%
||
7 Day CHG~0.00%
Published-06 May, 2019 | 15:15
Updated-04 Aug, 2024 | 19:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Legacy C++ Facebook Thrift servers (using cpp instead of cpp2) would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short messages which would take a long time for the server to parse, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2019.05.06.00.

Action-Not Available
Vendor-Facebook
Product-thriftFacebook Thrift
CWE ID-CWE-834
Excessive Iteration
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CVE-2019-3558
Matching Score-4
Assigner-Meta Platforms, Inc.
ShareView Details
Matching Score-4
Assigner-Meta Platforms, Inc.
CVSS Score-7.5||HIGH
EPSS-0.77% / 72.58%
||
7 Day CHG~0.00%
Published-06 May, 2019 | 15:15
Updated-04 Aug, 2024 | 19:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Python Facebook Thrift servers would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short messages which would take a long time for the server to parse, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2019.02.18.00.

Action-Not Available
Vendor-Facebook
Product-thriftFacebook Thrift
CWE ID-CWE-834
Excessive Iteration
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CVE-2021-35515
Matching Score-4
Assigner-Apache Software Foundation
ShareView Details
Matching Score-4
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-0.12% / 31.57%
||
7 Day CHG-0.00%
Published-13 Jul, 2021 | 07:15
Updated-04 Aug, 2024 | 00:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Commons Compress 1.6 to 1.20 denial of service vulnerability

When reading a specially crafted 7Z archive, the construction of the list of codecs that decompress an entry can result in an infinite loop. This could be used to mount a denial of service attack against services that use Compress' sevenz package.

Action-Not Available
Vendor-NetApp, Inc.The Apache Software FoundationOracle Corporation
Product-healthcare_data_repositorypeoplesoft_enterprise_peopletoolsprimavera_unifiercommunications_cloud_native_core_automated_test_suitecommunications_cloud_native_core_service_communication_proxybanking_digital_experiencecommunications_billing_and_revenue_managementoncommand_insightutilities_testing_acceleratorcommunications_messaging_serverfinancial_services_crime_and_compliance_management_studiocommunications_session_route_manageractive_iq_unified_managerfinancial_services_enterprise_case_managementbanking_party_managementbanking_trade_financecommunications_diameter_intelligence_hubbanking_enterprise_default_managementbanking_paymentscommunications_cloud_native_core_unified_data_repositoryflexcube_universal_bankingcommons_compressinsurance_policy_administrationcommerce_guided_searchbanking_treasury_managementbusiness_process_management_suiteApache Commons Compress
CWE ID-CWE-834
Excessive Iteration
CWE ID-CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2021-3128
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.48% / 84.69%
||
7 Day CHG~0.00%
Published-12 Apr, 2021 | 17:41
Updated-03 Aug, 2024 | 16:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ASUS RT-AX3000, ZenWiFi AX (XT8), RT-AX88U, and other ASUS routers with firmware < 3.0.0.4.386.42095 or < 9.0.0.4.386.41994, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its upstream ISP's router. This occurs when a link prefix route points to a point-to-point link, a destination IPv6 address belongs to the prefix and is not a local IPv6 address, and a router advertisement is received with at least one global unique IPv6 prefix for which the on-link flag is set.

Action-Not Available
Vendor-n/aASUS (ASUSTeK Computer Inc.)
Product-rt-ax3000rt-ac58u_firmwarert-ac88u_firmwarert-ax56u_firmwarert-ac2900rt-ac1900_firmwarert-ac85urt-ac68r_firmwarert-ax82u_firmwarert-ax68urt-ax88u_firmwarert-ac1750_b1_firmwarert-ac5300rt-ac68urt-ac68wrt-ac68rrt-ax88urt-ac5300_firmwarezenwifi_ax_\(xt8\)rt-ax68u_firmwarert-ax86urt-ac1900rt-ac68prt-ac65u_firmwarert-ac85u_firmwarert-ac68p_firmwarert-ax55_firmwarert-ac86urt-ax56urt-ac68u_firmwarert-ax86u_firmwarert-ac65urt-ax58urt-ax55rt-ac3100_firmwarert-ac68rw_firmwarert-ac88urt-ac1900urt-ac1900u_firmwarert-ac66u_b1_firmwarert-ac68rwrt-ax3000_firmwarert-ax58u_firmwarert-ac66u_b1rt-ac1900p_firmwarert-ac1900prt-ax82urt-ac2900_firmwarert-ac3100rt-ac58urt-ac86u_firmwarert-ac68w_firmwarert-ac1750_b1zenwifi_ax_\(xt8\)_firmwaren/a
CWE ID-CWE-834
Excessive Iteration
CVE-2021-23270
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.33% / 55.64%
||
7 Day CHG~0.00%
Published-12 Apr, 2021 | 17:40
Updated-03 Aug, 2024 | 19:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Gargoyle OS 1.12.0, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its upstream ISP's router. This occurs when a link prefix route points to a point-to-point link, a destination IPv6 address belongs to the prefix and is not a local IPv6 address, and a router advertisement is received with at least one global unique IPv6 prefix for which the on-link flag is set.

Action-Not Available
Vendor-gargoyle-routern/a
Product-gargoylen/a
CWE ID-CWE-834
Excessive Iteration
CVE-2018-7323
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.54% / 66.55%
||
7 Day CHG~0.00%
Published-23 Feb, 2018 | 22:00
Updated-05 Aug, 2024 | 06:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-wccp.c had a large loop that was addressed by ensuring that a calculated length was monotonically increasing.

Action-Not Available
Vendor-n/aWireshark FoundationDebian GNU/Linux
Product-wiresharkdebian_linuxn/a
CWE ID-CWE-834
Excessive Iteration
CVE-2024-4227
Matching Score-4
Assigner-CERT@VDE
ShareView Details
Matching Score-4
Assigner-CERT@VDE
CVSS Score-7.5||HIGH
EPSS-0.07% / 22.37%
||
7 Day CHG~0.00%
Published-15 Jan, 2025 | 08:00
Updated-15 Jan, 2025 | 14:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
gSOAP: Vulnerable to specially crafted unencrypted SDC messages

In Genivia gSOAP with a specific configuration an unauthenticated remote attacker can generate a high CPU load when forcing to parse an XML having duplicate ID attributes which can lead to a DoS.

Action-Not Available
Vendor-Genivia
Product-gSOAP
CWE ID-CWE-834
Excessive Iteration
CVE-2018-9261
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.48% / 63.97%
||
7 Day CHG~0.00%
Published-04 Apr, 2018 | 07:00
Updated-05 Aug, 2024 | 07:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the NBAP dissector could crash with a large loop that ends with a heap-based buffer overflow. This was addressed in epan/dissectors/packet-nbap.c by prohibiting the self-linking of DCH-IDs.

Action-Not Available
Vendor-n/aWireshark FoundationDebian GNU/Linux
Product-wiresharkdebian_linuxn/a
CWE ID-CWE-834
Excessive Iteration
CVE-2018-7321
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.43% / 61.62%
||
7 Day CHG~0.00%
Published-23 Feb, 2018 | 22:00
Updated-05 Aug, 2024 | 06:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-thrift.c had a large loop that was addressed by not proceeding with dissection after encountering an unexpected type.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-834
Excessive Iteration
CVE-2021-3125
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.94% / 75.33%
||
7 Day CHG~0.00%
Published-12 Apr, 2021 | 17:41
Updated-03 Aug, 2024 | 16:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In TP-Link TL-XDR3230 < 1.0.12, TL-XDR1850 < 1.0.9, TL-XDR1860 < 1.0.14, TL-XDR3250 < 1.0.2, TL-XDR6060 Turbo < 1.1.8, TL-XDR5430 < 1.0.11, and possibly others, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its upstream ISP's router. This occurs when a link prefix route points to a point-to-point link, a destination IPv6 address belongs to the prefix and is not a local IPv6 address, and a router advertisement is received with at least one global unique IPv6 prefix for which the on-link flag is set.

Action-Not Available
Vendor-n/aTP-Link Systems Inc.
Product-tl-xdr1850tl-xdr3230_firmwaretl-xdr5430tl-xdr3250tl-xdr6060tl-xdr1860_firmwaretl-xdr1850_firmwaretl-xdr5430_firmwaretl-xdr1860tl-xdr3250_firmwaretl-xdr3230tl-xdr6060_firmwaren/a
CWE ID-CWE-834
Excessive Iteration
CVE-2018-11813
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.11% / 30.71%
||
7 Day CHG~0.00%
Published-06 Jun, 2018 | 03:00
Updated-05 Aug, 2024 | 08:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

libjpeg 9c has a large loop because read_pixel in rdtarga.c mishandles EOF.

Action-Not Available
Vendor-ijgn/a
Product-libjpegn/a
CWE ID-CWE-834
Excessive Iteration
  • Previous
  • 1
  • 2
  • Next
Details not found