3 matches found
urllib3 安全漏洞
urllib3 is a Python HTTP library open-sourced by urllib3. It features thread-safe connection pooling, file publishing support, and more. A security vulnerability exists in urllib3 version 1.24 up to and including version 2.6.0, which stems from an unlimited number of links in the decompression...
Discourse 资源管理错误漏洞
Discourse is an open source community discussion platform from Discourse Open Source. The platform includes community, email, and chat room features. Discourse suffers from a resource management error vulnerability that stems from a URL endpoint that generates an inline onebox without limiting th...
CVE-2022-32206
curl 7.84.0 supports "chained" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable "links" in this "decompression chain" was unbounded, allowing a malicious server to insert a virtually...