CVE Vulnerabilities

CVE-2025-43708

Uncontrolled Recursion

Published: Apr 17, 2025 | Modified: Apr 17, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

VisiCut 2.1 allows stack consumption via an XML document with nested set elements, as demonstrated by a java.util.HashMap StackOverflowError when reference=../../../set/set[2] is used, aka an insecure deserialization issue.

Weakness

The product does not properly control the amount of recursion that takes place, consuming excessive resources, such as allocated memory or the program stack.

Potential Mitigations

References