Lucene search
K

9 matches found

OSV
OSV
added 2023/10/23 11:6 a.m.7 views

OESA-2023-1762 curl security update

cURL is a computer software project providing a library libcurl and command-line tool curl for transferring data using various protocols. Security Fixes: This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5...

9.8CVSS7.5AI score0.78483EPSS
Exploits6References3
OSV
OSV
added 2023/10/18 4:15 a.m.5 views

AZL-31501 CVE-2023-38545 affecting package cmake for versions less than 3.21.4-10

This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that host name can be is 255 bytes. If the host na...

9.8CVSS7AI score0.78483EPSS
Exploits6References1
OSV
OSV
added 2023/10/18 4:15 a.m.7 views

ALPINE-CVE-2023-38545

This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that host name can be is 255 bytes. If the host na...

9.8CVSS6.9AI score0.78483EPSS
Exploits6References1
OSV
OSV
added 2023/10/18 4:15 a.m.3 views

DEBIAN-CVE-2023-38545

This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that host name can be is 255 bytes. If the host na...

9.8CVSS7.1AI score0.78483EPSS
Exploits6References1
OSV
OSV
added 2023/10/18 4:15 a.m.5 views

AZL-31288 CVE-2023-38545 affecting package curl for versions less than 8.3.0-2

This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that host name can be is 255 bytes. If the host na...

9.8CVSS7AI score0.78483EPSS
Exploits6References1
SUSE CVE
SUSE CVE
added 2023/10/12 2:35 p.m.4 views

SUSE CVE-2023-38545

This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that host name can be is 255 bytes. If the host na...

8.1CVSS6.3AI score0.78483EPSS
Exploits6References62
OSV
OSV
added 2023/10/11 6:0 a.m.1 views

UBUNTU-CVE-2023-38545

This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that host name can be is 255 bytes. If the host na...

9.8CVSS6.7AI score0.78483EPSS
Exploits6References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:48 a.m.4 views

SUSE CVE-2012-0867

PostgreSQL 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 truncates the common name to only 32 characters when verifying SSL certificates, which allows remote attackers to spoof connections when the host name is exactly 32 characters...

4.3CVSS7AI score0.02336EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2016/12/15 10:11 p.m.5 views

mod_jk: Buffer overflow when concatenating virtual host name and URI

It was found that the length checks prior to writing to the target buffer for creating a virtual host mapping rule did not take account of the length of the virtual host name, creating the potential for a buffer overflow...

9.8CVSS6.2AI score0.18989EPSS
Exploits1References5
Rows per page
Query Builder