Internet Bug Bounty: HTTP multi-header compression denial of service

A vulnerability was discovered in curl versions 7.57.0 to 7.87.0 that allowed a malicious server to insert an unlimited number of compression steps by using many headers, resulting in a "malloc bomb" and a denial of service attack. The vulnerability was fixed in version 7.88.0 by capping the numb...

[SECURITY] [DLA 3341-1] curl security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3341-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk February 24, 2023 https://wiki.debian.org/LTS -...

OESA-2023-1122 curl security update

cURL is a computer software project providing a library libcurl and command-line tool curl for transferring data using various protocols. Security Fixes: curl supports "chained" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with...

CVE-2023-23916

An allocation of resources without limits or throttling vulnerability exists in curl v7.88.0 based on the "chained" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with differentalgorithms. The number of acceptable "links" in this...

CVE-2023-23916

An allocation of resources without limits or throttling vulnerability exists in curl v7.88.0 based on the "chained" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with differentalgorithms. The number of acceptable "links" in this...

ALPINE-CVE-2023-23916

An allocation of resources without limits or throttling vulnerability exists in curl v7.88.0 based on the "chained" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with differentalgorithms. The number of acceptable "links" in this...

Design/Logic Flaw

An allocation of resources without limits or throttling vulnerability exists in curl v7.88.0 based on the "chained" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with differentalgorithms. The number of acceptable "links" in this...

CVE-2023-23916

An allocation of resources without limits or throttling vulnerability exists in curl v7.88.0 based on the "chained" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with differentalgorithms. The number of acceptable "links" in this...

CVE-2023-23916

CVE-2023-23916 involves curl before 7.88.0 where an attacker could abuse the chained HTTP compression chain to create a degenerate decompression path. Although the cap on the number of links is per header, a malicious server can inject many headers to form an effectively unlimited decompression c...

CVE-2023-23916

An allocation of resources without limits or throttling vulnerability exists in curl v7.88.0 based on the "chained" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with differentalgorithms. The number of acceptable "links" in this...

CVE-2023-23916

An allocation of resources without limits or throttling vulnerability exists in curl v7.88.0 based on the "chained" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with differentalgorithms. The number of acceptable "links" in this...

K15516: LZ4 compression vulnerability CVE-2014-4715

Security Advisory Description Yann Collet LZ4 before r119, when used on certain 32-bit platforms that allocate memory beyond 0x80000000, does not properly detect integer overflows, which allows context-dependent attackers to cause a denial of service memory corruption or possibly have unspecified...

K16494: phpMyAdmin vulnerability CVE-2015-2206

Security Advisory Description libraries/selectlang.lib.php in phpMyAdmin 4.0.x before 4.0.10.9, 4.2.x before 4.2.13.2, and 4.3.x before 4.3.11.1 includes invalid language values in unknown-language error responses that contain a CSRF token and may be sent with HTTP compression, which makes it...

K35408374: BIG-IP compression driver vulnerability CVE-2021-23044

Security Advisory Description When the Intel QuickAssist Technology QAT compression driver is used on affected BIG-IP hardware and BIG-IP Virtual Edition VE platforms, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. CVE-2021-23044 Impact Traffic is disrupted whi...

K62201745: OpenSSH vulnerability CVE-2016-10012

Security Advisory Description The shared memory manager associated with pre-authentication compression in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allow local users to gain privileges by leveraging access to a sandboxed...

K26244025: BIG-IP HTTP compression profile vulnerability CVE-2020-5933

Security Advisory Description When a BIG-IP system that has a virtual server configured with an HTTP compression profile processes compressed HTTP message payloads that require deflation, a Slowloris-style attack can trigger an out-of-memory condition on the BIG-IP system. CVE-2020-5933 Impact Th...

K14634: SSL/TLS BREACH vulnerability CVE-2013-3587

Security Advisory Description The BREACH vulnerability allows attackers to discover secrets wrapped in HTTP compression inside of SSL. By injecting plaintext into an HTTPS request, an attacker can learn information about the corresponding HTTPS response by measuring its size. This action relies o...

Updated curl packages fix security vulnerability

HTTP multi-header compression denial of service. CVE-2023-23916...

Denial Of Service (DoS)

curl is vulnerable to Denial of Service DoS. The vulnerability occurs because curl caps chained HTTP compression algorithms on per header basis. This allows an attacker to insert a virtually unlimited number of compression steps simply by using many headers leading to a crash...

CVE-2023-23916

A flaw was found in the Curl package. A malicious server can insert an unlimited number of compression steps. This decompression chain could result in out-of-memory errors...