
3663 matches found

CNNVD
added 2023/06/06 12:0 a.m., 4 views

AdvanceCOMP security vulnerability

AdvanceCOMP is a cross-platform command line tool for data compression. The product is capable of optimizing compressed files and reducing compressed file size. A security vulnerability exists in AdvanceCOMP that stems from a segmentation error flaw resulting in reduced usability...

3.3 CVSS, 4.7 AI score, 0.0019 EPSS
Exploits 0, References 2

RedHat Linux
added 2023/06/05 6:55 p.m., 6 views

golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding

A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of requests...

7.5 CVSS, 6.6 AI score, 0.04561 EPSS
Exploits 0, References 11

RedHat Linux
added 2023/06/05 6:54 p.m., 3 views

golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding

A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of requests...

7.5 CVSS, 6.6 AI score, 0.04561 EPSS
Exploits 0, References 11

RedHat Linux
added 2023/06/05 4:47 p.m., 4 views

golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding

A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of requests...

7.5 CVSS, 6.6 AI score, 0.04561 EPSS
Exploits 0, References 11

RedHat Linux
added 2023/06/05 12:30 p.m., 5 views

curl: HTTP multi-header compression denial of service

A flaw was found in the Curl package. A malicious server can insert an unlimited number of compression steps. This decompression chain could result in out-of-memory errors...

6.5 CVSS, 6.8 AI score, 0.01703 EPSS
Exploits 1, References 5

RedHat Linux
added 2023/06/05 11:46 a.m., 4 views

curl: HTTP multi-header compression denial of service

A flaw was found in the Curl package. A malicious server can insert an unlimited number of compression steps. This decompression chain could result in out-of-memory errors...

6.5 CVSS, 6.8 AI score, 0.01703 EPSS
Exploits 1, References 5

Tenable Nessus
added 2023/06/02 12:0 a.m., 22 views

EulerOS Virtualization 2.9.1 : curl (EulerOS-SA-2023-1993)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An allocation of resources without limits or throttling vulnerability exists in curl v7.88.0 based on the 'chained' HTTP compressio...

9.8 CVSS, 7.1 AI score, 0.01993 EPSS
Exploits 2, References 3

Tenable Nessus
added 2023/06/02 12:0 a.m., 26 views

EulerOS Virtualization 2.9.0 : curl (EulerOS-SA-2023-2014)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An allocation of resources without limits or throttling vulnerability exists in curl v7.88.0 based on the 'chained' HTTP compressio...

9.8 CVSS, 7.1 AI score, 0.01993 EPSS
Exploits 2, References 3

OpenVAS
added 2023/06/01 12:0 a.m., 22 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2023-2014)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8 CVSS, 8.1 AI score, 0.01993 EPSS
Exploits 2, References 2

RedHat Linux
added 2023/05/31 4:1 p.m., 21 views

Important: Red Hat Security Advisory: qatzip security and bug fix update

An update for qatzip is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

7.8 CVSS, 7.1 AI score, 0.00251 EPSS
Exploits 0, References 2

Debian
added 2023/05/31 2:32 p.m., 19 views

[SECURITY] [DLA 3439-1] libwebp security update

Debian LTS Advisory DLA-3439-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb May 31, 2023 https://wiki.debian.org/LTS...

7.5 CVSS, 7.2 AI score, 0.00952 EPSS
Exploits 0

OSV
added 2023/05/25 8:21 p.m., 35 views

RLSA-2023:2076 Important: libwebp security update

The libwebp packages provide a library and tools for the WebP graphics format. WebP is an image format with a lossy compression of digital photographic images. WebP consists of a codec based on the VP8 format, and a container based on the Resource Interchange File Format RIFF. Webmasters, web...

7.5 CVSS, 7.5 AI score, 0.00952 EPSS
Exploits 0, References 2

Oracle linux
added 2023/05/25 12:0 a.m., 44 views

go-toolset:ol8 security update

delve 1.9.1-1.0.1 - Disable DWARF compression which has issues Alex Burmashev 1.9.1-1 - Rebase to 1.9.1 - Related: rhbz2131026 golang 1.19.9-1 - Rebase to Go 1.19.9 - Resolves: rhbz2204473 go-toolset 1.19.9-1 - Rebase to Go 1.19.9 - Resolves: rhbz2204473...

9.8 CVSS, 7.1 AI score, 0.01548 EPSS
Exploits 0

BDU FSTEC
added 2023/05/22 12:0 a.m., 3 views

The vulnerability of the ParseAttribs function in the XML data compression tool Xmill allows an attacker to execute arbitrary code.

The vulnerability of the ParseAttribs function in the XML data compression tool Xmill is related to memory corruption caused by a specially crafted XML file. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

8.1 CVSS, 7.9 AI score, 0.01136 EPSS
Exploits 1, References 8, Affected Software 1

BDU FSTEC
added 2023/05/22 12:0 a.m., 3 views

Vulnerability of the Decompression Enumeration function in Uncompressor::UncompressItem. This compression tool for XML data allows attackers to execute arbitrary code.

Vulnerability of Decompression Enumeration function: Uncompressor::UncompressItem, an XML data compression tool, is vulnerable to a memory boundary error during XML file processing. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

8.1 CVSS, 7.8 AI score, 0.02545 EPSS
Exploits 1, References 8, Affected Software 1

Oracle linux
added 2023/05/17 12:0 a.m., 36 views

curl security update

7.76.1-23.el92.1 - fix FTP too eager connection reuse CVE-2023-27535 7.76.1-23 - fix HTTP multi-header compression denial of service CVE-2023-23916 7.76.1-22 - smb/telnet: fix use-after-free when HTTP proxy denies tunnel CVE-2022-43552 7.76.1-21 - fix POST following PUT confusion CVE-2022-32221...

9.8 CVSS, 8.7 AI score, 0.04325 EPSS
Exploits 5

Oracle linux
added 2023/05/15 12:0 a.m., 57 views

curl security update

7.76.1-23 - fix HTTP multi-header compression denial of service CVE-2023-23916 7.76.1-22 - smb/telnet: fix use-after-free when HTTP proxy denies tunnel CVE-2022-43552 7.76.1-21 - fix POST following PUT confusion CVE-2022-32221 7.76.1-20 - control code in cookie denial of service CVE-2022-35252...

9.8 CVSS, 7.2 AI score, 0.04325 EPSS
Exploits 4

OpenVAS
added 2023/05/10 12:0 a.m., 25 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2023-1862)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8 CVSS, 8.1 AI score, 0.01993 EPSS
Exploits 2, References 2

Tenable Nessus
added 2023/05/10 12:0 a.m., 30 views

EulerOS 2.0 SP9 : curl (EulerOS-SA-2023-1862)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An allocation of resources without limits or throttling vulnerability exists in curl v7.88.0 based on the 'chained' HTTP compression algorithms,...

9.8 CVSS, 7.2 AI score, 0.01993 EPSS
Exploits 2, References 3

OpenVAS
added 2023/05/10 12:0 a.m., 22 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2023-1838)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8 CVSS, 8.1 AI score, 0.01993 EPSS
Exploits 2, References 2