Lucene search
K

19 matches found

OSV
OSV
added 2026/05/25 2:0 p.m.8 views

EEF-CVE-2026-47066 Infinite loop in Alt-Svc header parser in hackney

Summary Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in benoitc hackney allows Excessive Allocation. The Alt-Svc response header parser in src/hackneyaltsvc.erl does not guarantee forward progress. When parsetoken/2 receives a non-token, non-whitespace, non-comma byte e.g. !...

8.7CVSS6AI score0.00703EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-6613

Malware in sbrugna...

4.4CVSS5AI score0.00275EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2025/01/13 11:25 a.m.5 views

firefox: Alt-Svc ALPN validation failure when redirected

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: When using Alt-Svc, ALPN did not properly validate certificates when the original server is redirecting to an insecure site...

4CVSS7.3AI score0.00226EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2025/01/13 10:52 a.m.11 views

firefox: Alt-Svc ALPN validation failure when redirected

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: When using Alt-Svc, ALPN did not properly validate certificates when the original server is redirecting to an insecure site...

4CVSS7.3AI score0.00226EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2025/01/09 11:55 a.m.2 views

firefox: Alt-Svc ALPN validation failure when redirected

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: When using Alt-Svc, ALPN did not properly validate certificates when the original server is redirecting to an insecure site...

4CVSS7.3AI score0.00226EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2025/01/09 7:37 a.m.5 views

firefox: Alt-Svc ALPN validation failure when redirected

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: When using Alt-Svc, ALPN did not properly validate certificates when the original server is redirecting to an insecure site...

4CVSS7.3AI score0.00226EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2025/01/09 7:31 a.m.5 views

firefox: Alt-Svc ALPN validation failure when redirected

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: When using Alt-Svc, ALPN did not properly validate certificates when the original server is redirecting to an insecure site...

4CVSS7.3AI score0.00226EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2025/01/09 6:36 a.m.8 views

firefox: Alt-Svc ALPN validation failure when redirected

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: When using Alt-Svc, ALPN did not properly validate certificates when the original server is redirecting to an insecure site...

4CVSS7.3AI score0.00226EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2025/01/09 6:33 a.m.6 views

firefox: Alt-Svc ALPN validation failure when redirected

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: When using Alt-Svc, ALPN did not properly validate certificates when the original server is redirecting to an insecure site...

4CVSS7.3AI score0.00226EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2025/01/09 6:26 a.m.10 views

firefox: Alt-Svc ALPN validation failure when redirected

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: When using Alt-Svc, ALPN did not properly validate certificates when the original server is redirecting to an insecure site...

4CVSS7.3AI score0.00226EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2025/01/08 12:20 a.m.5 views

SUSE CVE-2025-0239

When using Alt-Svc, ALPN did not properly validate certificates when the original server is redirecting to an insecure site. This vulnerability was fixed in Firefox 134, Firefox ESR 128.6, Thunderbird 134, and Thunderbird 128.6...

4CVSS6.7AI score0.00226EPSS
Exploits0References11
CNNVD
CNNVD
added 2025/01/07 12:0 a.m.4 views

Mozilla Firefox 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability previously existed in Mozilla Firefox version 134, which stemmed from a failure of ALPN to properly validate certificates when using Alt-Svc if the originating server redirecte...

4CVSS6.6AI score0.00226EPSS
Exploits0References6
OSV
OSV
added 2024/05/17 11:7 a.m.3 views

OESA-2024-1575 firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security Fixes: Certain blit values provided by the user were not properly constrained leading to a heap buffer overflow on some video drivers. This vulnerability affects Firefox 84,...

8.8CVSS8.9AI score0.01876EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:4 a.m.4 views

SUSE CVE-2016-3176

Salt before 2015.5.10 and 2015.8.x before 2015.8.8, when PAM external authentication is enabled, allows attackers to bypass the configured authentication service by passing an alternate service with a command sent to LocalClient...

5.6CVSS7.2AI score0.00873EPSS
Exploits0References6
Microsoft CVE
Microsoft CVE
added 2022/07/19 7:0 a.m.3 views

When curl < 7.84.0 saves cookies alt-svc and hsts data to local files it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In that rename operation it might accidentally *widen* the permissions for the target file leaving the updated file accessible to more users than intended.

...

9.8CVSS7.5AI score0.05481EPSS
Exploits1
OSV
OSV
added 2022/07/07 1:15 p.m.2 views

DEBIAN-CVE-2022-32207

When curl 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In that rename operation, it might accidentally widen the permissions for the target file, leaving the...

9.8CVSS7.1AI score0.05481EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2017/01/31 7:59 p.m.18 views

CVE-2016-3176

Salt before 2015.5.10 and 2015.8.x before 2015.8.8, when PAM external authentication is enabled, allows attackers to bypass the configured authentication service by passing an alternate service with a command sent to LocalClient...

5.6CVSS6.2AI score0.00873EPSS
Exploits0References4
PyPA
PyPA
added 2017/01/31 7:59 p.m.7 views

PYSEC-2017-33

Salt before 2015.5.10 and 2015.8.x before 2015.8.8, when PAM external authentication is enabled, allows attackers to bypass the configured authentication service by passing an alternate service with a command sent to LocalClient...

5.6CVSS7.2AI score0.00873EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2017/01/31 7:59 p.m.4 views

UBUNTU-CVE-2016-3176

Salt before 2015.5.10 and 2015.8.x before 2015.8.8, when PAM external authentication is enabled, allows attackers to bypass the configured authentication service by passing an alternate service with a command sent to LocalClient...

5.6CVSS6.2AI score0.00873EPSS
Exploits0References5
Rows per page
Query Builder