Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-407 (算法复杂性) — Vulnerability Class 50

50 vulnerabilities classified as CWE-407 (算法复杂性). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2026-40476 graphql-php: Denial of Service via quadratic complexity in OverlappingFieldsCanBeMerged validation — graphql-php 7.5AIHighAI2026-04-17
CVE-2026-35599 Vikunja has an Algorithmic Complexity DoS in Repeating Task Handler — vikunja 6.5 Medium2026-04-10
CVE-2026-6042 musl libc GB18030 4-byte Decoder iconv.c iconv algorithmic complexity — libc 3.3 Low2026-04-10
CVE-2026-33033 Potential denial-of-service vulnerability in MultiPartParser via base64-encoded file upload — Django 5.3AIMediumAI2026-04-07
CVE-2026-34827 Rack: Algorithmic-Complexity DoS in Rack::Multipart::Parser — rack 7.5 High2026-04-02
CVE-2026-31937 Suricata dcerpc: quadratic complexity in dcerpc buffering — suricata 7.5 High2026-04-02
CVE-2026-31934 Suricata smtp/mine: quadratic complexity in extracting urls — suricata 7.5 High2026-04-02
CVE-2026-31933 Suricata stream: quadratic complexity in stream inspection — suricata 7.5 High2026-04-02
CVE-2026-31932 Suricata krb5: quadratic complexity in krb5 buffering — suricata 7.5 High2026-04-02
CVE-2026-34573 Parse Server: GraphQL complexity validator exponential fragment traversal DoS — parse-server 7.5AIHighAI2026-03-31
CVE-2026-3988 Inefficient Algorithmic Complexity in GitLab — GitLab 7.5 High2026-03-25
CVE-2026-28804 pypdf: Inefficient decoding of ASCIIHexDecode streams — pypdf 6.5 -2026-03-06
CVE-2026-27903 minimatch has a ReDoS: matchOne() combinatorial backtracking via multiple non-adjacent GLOBSTAR segments — minimatch 7.5 High2026-02-26
CVE-2025-14831 Gnutls: gnutls: denial of service via excessive resource consumption during certificate verification — Red Hat Enterprise Linux 10 5.3 Medium2026-02-09
CVE-2025-14550 Potential denial-of-service vulnerability via repeated headers when using ASGI — Django 7.5 -2026-02-03
CVE-2026-1285 Potential denial-of-service vulnerability in django.utils.text.Truncator HTML methods — Django 7.5 -2026-02-03
CVE-2025-14822 DoS from quadratic complexity in model.ParseHashtags — Mattermost 3.1 Low2026-01-16
CVE-2025-64460 Potential denial-of-service vulnerability in XML serializer text extraction — Django 7.5AIHighAI2025-12-02
CVE-2025-66382 libexpat 安全漏洞 — libexpat 2.9 Low2025-11-28
CVE-2025-11230 Denial of service vulnerability in HAProxy mjson library — HAProxy Community Edition 7.5 High2025-11-19
CVE-2025-64458 Potential denial-of-service vulnerability in HttpResponseRedirect and HttpResponsePermanentRedirect on Windows — Django 7.5 -2025-11-05
CVE-2025-62727 Starlette vulnerable to O(n^2) DoS via Range header merging in starlette.responses.FileResponse — starlette 7.5 High2025-10-28
CVE-2025-55304 Exiv2 has quadratic performance in ICC profile parsing in JpegBase::readMetadata — exiv2 5.5 -2025-08-29
CVE-2023-30421 mJson 安全漏洞 — mjson 2.9 Low2025-04-19
CVE-2025-29908 Netty QUIC hash collision DoS attack — netty-incubator-codec-quic 5.3 Medium2025-03-31
CVE-2025-30348 Qt 安全漏洞 — Qt 5.8 Medium2025-03-21
CVE-2025-24947 Litespeed Technologie LiteSpeed QUIC(LSQUIC) 安全漏洞 — LSQUIC 5.3 Medium2025-02-20
CVE-2025-23020 Kwik 安全漏洞 — Kwik 5.3 Medium2025-02-20
CVE-2025-24946 picoquic 安全漏洞 — picoquic 5.3 Medium2025-02-20
CVE-2024-12243 Gnutls: gnutls impacted by inefficient der decoding in libtasn1 leading to remote dos 5.3 Medium2025-02-10

Vulnerabilities classified as CWE-407 (算法复杂性) represent 50 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.