CWE-674
Uncontrolled Recursion
The product does not properly control the amount of recursion that takes place, consuming excessive resources, such as allocated memory or the program stack.
We have discovered 657,282 live websites that are affected by CWE-674.
CVEs
- Count - 10
CWE References
Website Distribution by Country
Number of websites using CWE-674 United States | 331,777 websites |
 France | 164,897 websites |
 Germany | 21,949 websites |
 Japan | 18,900 websites |
 Russia | 16,552 websites |
 Netherlands | 8,915 websites |
 Brazil | 8,313 websites |
 China | 6,606 websites |
 Spain | 6,293 websites |
 GB | 5,284 websites |
Website Distribution by TLD
Number of websites using CWE-674| .com | 343,143 websites |
| .fr | 64,329 websites |
| .org | 42,210 websites |
| .net | 20,877 websites |
| .ru | 14,534 websites |
| .de | 13,930 websites |
| .ca | 10,193 websites |
| .com.br | 8,565 websites |
| .be | 8,161 websites |
| .pl | 7,999 websites |
Newest CVEs
List of the most recent CVEs that are part of CWE-674| Discovered | CVE | Description | Websites |
|---|---|---|---|
| Oct, 2024 | CVE-2024-47831 | Next.js image optimization has Denial of Service condition | 2 |
| Mar, 2024 | CVE-2024-28243 | KaTeX's maxExpand bypassed by \edef | 4,522 |
| Mar, 2024 | CVE-2024-28244 | KaTeX's maxExpand bypassed by Unicode sub/superscripts | 1,416 |
| Dec, 2023 | CVE-2023-50269 | SQUID-2023:10 Denial of Service in HTTP Request parsing | 9,281 |
| Dec, 2022 | CVE-2022-23500 | TYPO3 subject to Uncontrolled Recursion resulting in Denial of Service | 1 |
| Sep, 2022 | CVE-2022-31628 | phar wrapper can occur dos when using quine gzip file | 643,062 |
| Apr, 2022 | CVE-2022-28773 | Due to an uncontrolled recursion in SAP Web Dispatcher and SAP Internet Communication Manager, the a... | 121 |
| May, 2021 | CVE-2021-29615 | Stack overflow in `ParseAttrValue` with nested tensors | 57 |
| Mar, 2021 | CVE-2021-21359 | Denial of Service in Page Error Handling | 1 |
| Mar, 2021 | CVE-2020-1898 | The fb_unserialize function did not impose a depth limit for nested deserialization. That meant a ma... | 300 |
The most widespread CVEs
List of the most common CVEs that are part of CWE-674| Discovered | CVE | Description | Websites |
|---|---|---|---|
| Sep, 2022 | CVE-2022-31628 | phar wrapper can occur dos when using quine gzip file | 643,062 |
| Dec, 2023 | CVE-2023-50269 | SQUID-2023:10 Denial of Service in HTTP Request parsing | 9,281 |
| Mar, 2024 | CVE-2024-28243 | KaTeX's maxExpand bypassed by \edef | 4,522 |
| Mar, 2024 | CVE-2024-28244 | KaTeX's maxExpand bypassed by Unicode sub/superscripts | 1,416 |
| Mar, 2021 | CVE-2020-1898 | The fb_unserialize function did not impose a depth limit for nested deserialization. That meant a ma... | 300 |
| Apr, 2022 | CVE-2022-28773 | Due to an uncontrolled recursion in SAP Web Dispatcher and SAP Internet Communication Manager, the a... | 121 |
| May, 2021 | CVE-2021-29615 | Stack overflow in `ParseAttrValue` with nested tensors | 57 |
| Oct, 2024 | CVE-2024-47831 | Next.js image optimization has Denial of Service condition | 2 |
| Mar, 2021 | CVE-2021-21359 | Denial of Service in Page Error Handling | 1 |
| Dec, 2022 | CVE-2022-23500 | TYPO3 subject to Uncontrolled Recursion resulting in Denial of Service | 1 |
Websites affected by CWE-674
Top websites that are affected by CWE-674. Please click on the "Contact us" link to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| ******.com |  Serbia | *,*** | |
| ****.*********.net | GB | *,*** | |
| *****.pl |  Poland | *,*** | |
| *******.******.ru | Russia | *,*** | |
| ***.*****.pm | United States | *,*** | |
| ***.org | United States | *,*** | |
| ****.org | United States | *,*** | |
| ***************.org | United States | *,*** | |
| *********.net | GB | *,*** | |
| **********.org | United States | *,*** |