3 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-28628
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - lambdaisland/uri is a pure Clojure/ClojureScript URI library. In versions prior to 1.14.120 authority-regex allows an attacker to send malicious URLs to be...
CVE-2023-28628
lambdaisland/uri is a pure Clojure/ClojureScript URI library. In versions prior to 1.14.120 authority-regex allows an attacker to send malicious URLs to be parsed by the lambdaisland/uri and return the wrong authority. This issue is similar to but distinct from CVE-2020-8910. The regex in questio...
--write-out out of buffer read
There were two bugs in curl's parser for the command line option --write-out or -w for short that would skip the end of string zero byte if the string ended in a % percent or \ backslash, and it would read beyond that buffer in the heap memory and it could then potentially output pieces of that...