{"id":"PYSEC-2026-1883","summary":"Ryu Infinite Loop vulnerability","details":"`OFPFlowStats` in parser.py in Faucet SDN Ryu 4.34 allows attackers to cause a denial of service (infinite loop) via `inst.length=0`.","aliases":["CVE-2024-34487","GHSA-m9vm-8mv9-v5v3"],"modified":"2026-07-07T17:47:02.256749659Z","published":"2026-07-07T11:45:41.562774Z","references":[{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34487"},{"type":"WEB","url":"https://github.com/faucetsdn/ryu/issues/192"},{"type":"PACKAGE","url":"https://github.com/faucetsdn/ryu"},{"type":"PACKAGE","url":"https://pypi.org/project/ryu"},{"type":"ADVISORY","url":"https://github.com/advisories/GHSA-m9vm-8mv9-v5v3"}],"affected":[{"package":{"name":"ryu","ecosystem":"PyPI","purl":"pkg:pypi/ryu"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"last_affected":"4.34"}]}],"versions":["0.2","1.0","1.1","1.2","1.3","1.4","1.5","1.6","1.7","1.8","1.9","2.0","2.1","2.2","3.1","3.10","3.11","3.12","3.13","3.15","3.17","3.18","3.19","3.2","3.20","3.20.1","3.20.2","3.22","3.23","3.23.1","3.23.2","3.24","3.25","3.25.1","3.26","3.29","3.29.1","3.3","3.30","3.4","3.5","3.6","3.7","3.8","3.9","4.0","4.1","4.10","4.11","4.12","4.13","4.14","4.15","4.16","4.17","4.18","4.19","4.2","4.2.1","4.2.2","4.20","4.21","4.22","4.23","4.24","4.25","4.26","4.27","4.29","4.3","4.30","4.31","4.32","4.33","4.34","4.4","4.5","4.6","4.7","4.8","4.8.1","4.9"],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/ryu/PYSEC-2026-1883.yaml"}}],"schema_version":"1.7.5"}