3 matches found
CLSA-2026-1777544744 squid: Fix of CVE-2023-49288
CVE-2023-49288: fix use-after-free in storeclient lifetime by locking StoreEntry for the duration of the storeclient object...
CLSA-2026-1777539902 squid: Fix of CVE-2023-49288
CVE-2023-49288: fix use-after-free in storeclient lifetime by locking StoreEntry for the duration of the storeclient object...
rust-openssl: rust openssl ssl::select_next_proto use after free
A flaw was found in the rust-openssl package. In certain versions, ssl::selectnextproto can return a slice pointing into the server argument's buffer but with a lifetime bound to the client argument. In situations where the sever buffer's lifetime is shorter than the client buffer's, this can cau...