Lucene search
+L

16 matches found

redhatcve
redhatcve
added 2025/05/23 5:24 a.m.5 views

CVE-2023-52266

ehttp 1.0.6 before 17405b9 has an epollsocket.cpp readfunc use-after-free. An attacker can make many connections over a short time to trigger this...

7.5CVSS6.8AI score0.0074EPSS
Exploits1References1
attackerkb
attackerkb
added 2023/12/31 12:15 a.m.3 views

CVE-2023-52266

ehttp 1.0.6 before 17405b9 has an epollsocket.cpp readfunc use-after-free. An attacker can make many connections over a short time to trigger this...

7.5CVSS5.8AI score0.0074EPSS
Exploits1References3
nvd
nvd
added 2023/12/31 12:15 a.m.22 views

CVE-2023-52266

ehttp 1.0.6 before 17405b9 has an epollsocket.cpp readfunc use-after-free. An attacker can make many connections over a short time to trigger this...

7.5CVSS0.0074EPSS
Exploits1References2
attackerkb
attackerkb
added 2023/12/31 12:15 a.m.2 views

CVE-2023-52267

ehttp 1.0.6 before 17405b9 has a simplelog.cpp log out-of-bounds-read during error logging for long strings...

7.5CVSS5.8AI score0.0074EPSS
Exploits1References3
prion
prion
added 2023/12/31 12:15 a.m.13 views

Design/Logic Flaw

ehttp 1.0.6 before 17405b9 has an epollsocket.cpp readfunc use-after-free. An attacker can make many connections over a short time to trigger this...

5CVSS7AI score0.0074EPSS
Exploits1References2Affected Software1
prion
prion
added 2023/12/31 12:15 a.m.20 views

Design/Logic Flaw

ehttp 1.0.6 before 17405b9 has a simplelog.cpp log out-of-bounds-read during error logging for long strings...

5CVSS7.2AI score0.0074EPSS
Exploits1References2Affected Software1
cnnvd
cnnvd
added 2023/12/31 12:0 a.m.4 views

ehttp Security Vulnerabilities

ehttp is a library from the Chinese developer hongliuliao. A security vulnerability exists in versions prior to ehttp 1.0.6, which stems from an out-of-bounds read in the void log function in simplelog.cpp, resulting in memory corruption...

7.5CVSS6.7AI score0.0074EPSS
Exploits1References2
cnnvd
cnnvd
added 2023/12/31 12:0 a.m.4 views

ehttp Security Vulnerabilities

ehttp is a library by the Chinese developer hongliuliao. A security vulnerability exists in versions prior to ehttp 1.0.6, which stems from a post-release reuse in the readfunc function in epollsocket.cpp, resulting in memory corruption...

7.5CVSS6.8AI score0.0074EPSS
Exploits1References2
vulnrichment
vulnrichment
added 2023/12/30 12:0 a.m.11 views

CVE-2023-52267

ehttp 1.0.6 before 17405b9 has a simplelog.cpp log out-of-bounds-read during error logging for long strings...

6.9AI score0.0074EPSS
Exploits1References2
vulnrichment
vulnrichment
added 2023/12/30 12:0 a.m.12 views

CVE-2023-52266

ehttp 1.0.6 before 17405b9 has an epollsocket.cpp readfunc use-after-free. An attacker can make many connections over a short time to trigger this...

6.8AI score0.0074EPSS
Exploits1References2
ptsecurity
ptsecurity
added 2023/12/30 12:0 a.m.4 views

PT-2023-31950 · Ehttp · Ehttp

Name of the Vulnerable Software and Affected Versions: ehttp version 1.0.6 before 17405b9 Description: The issue is related to an out-of-bounds read in the simple log.cpp file during error logging for long strings. Recommendations: For ehttp version 1.0.6 before 17405b9, consider updating to a...

7.5CVSS7.2AI score0.0074EPSS
Exploits1References9
ptsecurity
ptsecurity
added 2023/12/30 12:0 a.m.3 views

PT-2023-31949 · Ehttp · Ehttp

Name of the Vulnerable Software and Affected Versions: ehttp version 1.0.6 before 17405b9 Description: The issue is related to a use-after-free in the epoll socket.cpp read func. An attacker can trigger this by making many connections over a short time. Recommendations: For ehttp version 1.0.6...

7.5CVSS7.1AI score0.0074EPSS
Exploits1References11
cve
cve
added 2023/12/30 12:0 a.m.38 views

CVE-2023-52267

The CVE-2023-52267 issue affects ehttp 1.0.6 and earlier, where an out-of-bounds read occurs in simple_log.cpp _log during logging of long strings, leading to memory corruption. The vulnerability is triggered in versions before 17405b9. The NVD entry lists a CVSS v3.1 base score of 7.5 (HIGH) wit...

7.5CVSS7.5AI score0.0074EPSS
Exploits1References2Affected Software1
cve
cve
added 2023/12/30 12:0 a.m.44 views

CVE-2023-52266

CVE-2023-52266 affects ehttp 1.0.6 prior to 17405b9. The root cause is a use-after-free in the epoll_socket.cpp read_func, enabling an attacker to trigger memory corruption by opening many connections in a short time. Documented references consistently describe the issue and indicate a fix is ava...

7.5CVSS7.4AI score0.0074EPSS
Exploits1References2Affected Software1
cvelist
cvelist
added 2023/12/30 12:0 a.m.30 views

CVE-2023-52266

ehttp 1.0.6 before 17405b9 has an epollsocket.cpp readfunc use-after-free. An attacker can make many connections over a short time to trigger this...

7.6AI score0.0074EPSS
Exploits1References2
osv
osv
added 2023/12/30 12:0 a.m.19 views

CVE-2023-52266

ehttp 1.0.6 before 17405b9 has an epollsocket.cpp readfunc use-after-free. An attacker can make many connections over a short time to trigger this...

7.5CVSS6.8AI score0.0074EPSS
Exploits1References4
Rows per page
Query Builder