Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-834 (过度迭代) — Vulnerability Class 22

22 vulnerabilities classified as CWE-834 (过度迭代). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2026-41313 pypdf: Possible long runtimes for wrong size values in incremental mode — pypdf 6.5AIMediumAI2026-04-22
CVE-2026-41168 pypdf has possible long runtimes for wrong size values in cross-reference and object streams — pypdf 4.3AIMediumAI2026-04-22
CVE-2026-27025 pypdf has possible long runtimes/large memory usage for large /ToUnicode streams — pypdf 6.5AIMediumAI2026-02-20
CVE-2025-67726 Tornado is Vulnerable to Quadratic DoS via Crafted Multipart Parameters — tornado 7.5 High2025-12-12
CVE-2025-62707 pypdf affected by possible infinite loop when reading DCT inline images without EOF marker — pypdf 6.5AIMediumAI2025-10-22
CVE-2025-6714 Incorrect Handling of incomplete data may prevent mongoS from Accepting New Connections — MongoDB Server 7.5 High2025-07-07
CVE-2024-4227 gSOAP: Vulnerable to specially crafted unencrypted SDC messages — gSOAP 7.5 High2025-01-15
CVE-2024-8049 Telerik Document Processing Improper Handling of Memory Resources — Telerik Document Processing Libraries 6.5 Medium2024-11-13
CVE-2023-5632 Unconditionally adding an event to the epoll causes excessive CPU consumption — Mosquitto 7.5 High2023-10-18
CVE-2023-33953 Denial-of-Service in gRPC — gRPC 7.5 High2023-08-09
CVE-2023-26513 Apache Sling Resource Merger: Requests to certain paths managed by the Apache Sling Resource Merger can lead to DoS — Apache Sling Resource Merger 7.5 High2023-03-20
CVE-2021-39204 Excessive CPU usage in Pomerium — pomerium 7.5 High2021-09-09
CVE-2021-32778 Excessive CPU utilization when closing HTTP/2 streams — envoy 5.8 Medium2021-08-24
CVE-2021-35515 Apache Commons Compress 1.6 to 1.20 denial of service vulnerability — Apache Commons Compress 7.5 -2021-07-13
CVE-2021-31812 A carefully crafted PDF file can trigger an infinite loop while loading the file — Apache PDFBox 5.5 -2021-06-12
CVE-2021-27807 A carefully crafted PDF file can trigger an infinite loop while loading the file — Apache PDFBox 5.5 -2021-03-19
CVE-2018-20805 Invariant with $elemMatch — MongoDB Server 6.5 Medium2020-11-23
CVE-2019-3565 Facebook Thrift 输入验证错误漏洞 — Facebook Thrift 7.5 -2019-05-06
CVE-2019-3564 Facebook Thrift 输入验证错误漏洞 — Facebook Thrift 7.5 -2019-05-06
CVE-2019-3559 Facebook Thrift 输入验证错误漏洞 — Facebook Thrift 7.5 -2019-05-06
CVE-2019-3558 Facebook Thrift 输入验证错误漏洞 — Facebook Thrift 7.5 -2019-05-06
CVE-2019-3552 Facebook Thrift 输入验证错误漏洞 — Facebook Thrift 7.5 -2019-05-06

Vulnerabilities classified as CWE-834 (过度迭代) represent 22 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.