453 matches found
AZL-35133 CVE-2024-24806 affecting package python-gevent for versions less than 23.9.1-3
libuv is a multi-platform support library with a focus on asynchronous I/O. The uvgetaddrinfo function in src/unix/getaddrinfo.c and its windows counterpart src/win/getaddrinfo.c, truncates hostnames to 256 characters before calling getaddrinfo. This behavior can be exploited to create addresses...
AZL-35051 CVE-2024-24806 affecting package nodejs for versions less than 20.14.0-1
libuv is a multi-platform support library with a focus on asynchronous I/O. The uvgetaddrinfo function in src/unix/getaddrinfo.c and its windows counterpart src/win/getaddrinfo.c, truncates hostnames to 256 characters before calling getaddrinfo. This behavior can be exploited to create addresses...
AZL-34957 CVE-2024-24806 affecting package libuv for versions less than 1.48.0-1
libuv is a multi-platform support library with a focus on asynchronous I/O. The uvgetaddrinfo function in src/unix/getaddrinfo.c and its windows counterpart src/win/getaddrinfo.c, truncates hostnames to 256 characters before calling getaddrinfo. This behavior can be exploited to create addresses...
ALPINE-CVE-2024-24806
libuv is a multi-platform support library with a focus on asynchronous I/O. The uvgetaddrinfo function in src/unix/getaddrinfo.c and its windows counterpart src/win/getaddrinfo.c, truncates hostnames to 256 characters before calling getaddrinfo. This behavior can be exploited to create addresses...
AZL-34278 CVE-2024-24806 affecting package nodejs18 for versions less than 18.18.2-4
libuv is a multi-platform support library with a focus on asynchronous I/O. The uvgetaddrinfo function in src/unix/getaddrinfo.c and its windows counterpart src/win/getaddrinfo.c, truncates hostnames to 256 characters before calling getaddrinfo. This behavior can be exploited to create addresses...
AZL-34306 CVE-2024-24806 affecting package libuv for versions less than 1.43.0-2
libuv is a multi-platform support library with a focus on asynchronous I/O. The uvgetaddrinfo function in src/unix/getaddrinfo.c and its windows counterpart src/win/getaddrinfo.c, truncates hostnames to 256 characters before calling getaddrinfo. This behavior can be exploited to create addresses...
DEBIAN-CVE-2024-24806
libuv is a multi-platform support library with a focus on asynchronous I/O. The uvgetaddrinfo function in src/unix/getaddrinfo.c and its windows counterpart src/win/getaddrinfo.c, truncates hostnames to 256 characters before calling getaddrinfo. This behavior can be exploited to create addresses...
CVE-2024-24806
libuv is a multi-platform support library with a focus on asynchronous I/O. The uvgetaddrinfo function in src/unix/getaddrinfo.c and its windows counterpart src/win/getaddrinfo.c, truncates hostnames to 256 characters before calling getaddrinfo. This behavior can be exploited to create addresses...
UBUNTU-CVE-2024-24806
libuv is a multi-platform support library with a focus on asynchronous I/O. The uvgetaddrinfo function in src/unix/getaddrinfo.c and its windows counterpart src/win/getaddrinfo.c, truncates hostnames to 256 characters before calling getaddrinfo. This behavior can be exploited to create addresses...
CVE-2024-24806
libuv is a multi-platform support library with a focus on asynchronous I/O. The uvgetaddrinfo function in src/unix/getaddrinfo.c and its windows counterpart src/win/getaddrinfo.c, truncates hostnames to 256 characters before calling getaddrinfo. This behavior can be exploited to create addresses...
CVE-2024-24806 Improper Domain Lookup that potentially leads to SSRF attacks in libuv
libuv is a multi-platform support library with a focus on asynchronous I/O. The uvgetaddrinfo function in src/unix/getaddrinfo.c and its windows counterpart src/win/getaddrinfo.c, truncates hostnames to 256 characters before calling getaddrinfo. This behavior can be exploited to create addresses...
PT-2024-2832 · Libuv +10 · Libuv +10
Name of the Vulnerable Software and Affected Versions: libuv versions prior to 1.48.0 Description: The issue arises due to the handling of the hostname ascii variable in the uv getaddrinfo function, which truncates hostnames to 256 characters before calling getaddrinfo. This behavior can be...
The vulnerability of the getaddrinfo function in the GNU C library (glibc) allows a hacker to cause a service failure.
The vulnerability of the getaddrinfo function in the GNU C library glibc is related to the use of memory after it is freed. Exploiting this vulnerability can allow a remote attacker to cause a service failure...
Advisory ROSA-SA-2024-2332
Software: glibc 2.28 OS: ROSA Virtualization 2.1 packageevrstring: glibc-2.28-225.rv3.src.rpm CVE-ID: CVE-2023-4527 BDU-ID: 2023-06332 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the getaddrinfo function of the glibc system library is related to reading data outside of buffer boundaries in...
EulerOS 2.0 SP10 : glibc (EulerOS-SA-2023-3212)
According to the versions of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in glibc. In an uncommon situation, the gaihinet function may use memory that has been freed, resulting in an application crash...
EulerOS Virtualization 2.10.0 : glibc (EulerOS-SA-2023-3471)
According to the versions of the glibc packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in glibc. In an uncommon situation, the gaihinet function may use memory that has been freed, resulting in an...
EulerOS 2.0 SP11 : glibc (EulerOS-SA-2023-3269)
According to the versions of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an...
EulerOS 2.0 SP9 : glibc (EulerOS-SA-2023-3298)
According to the versions of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an...
EulerOS 2.0 SP9 : glibc (EulerOS-SA-2023-3330)
According to the versions of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an...
EulerOS 2.0 SP10 : glibc (EulerOS-SA-2023-3177)
According to the versions of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in glibc. In an uncommon situation, the gaihinet function may use memory that has been freed, resulting in an application crash...