8 matches found
CVE-2026-10098
OCSP CertID serial-number length-confusion in wolfSSLOCSPrespfindstatus allows a same-issuer SingleResponse whose serial is a prefix of the target serial to be reported as the revocation status of a different certificate. The lookup compared serial-number bytes without first requiring the two...
CVE-2026-1525
CVE-2026-1525 is an Undici HTTP client issue where passing duplicate Content-Length headers (especially with mixed case variants like Content-Length and content-length) can produce malformed HTTP/1.1 requests and enable HTTP Request Smuggling in misconfigured environments. Public advisories indic...
Mozilla: Out-of-bounds memory read in networking channels
The Mozilla Foundation Security Advisory describes this flaw as: When storing and re-accessing data on a networking channel, the length of buffers may have been confused, resulting in an out-of-bounds memory read...
Mozilla: Out-of-bounds memory read in networking channels
The Mozilla Foundation Security Advisory describes this flaw as: When storing and re-accessing data on a networking channel, the length of buffers may have been confused, resulting in an out-of-bounds memory read...
Mozilla: Out-of-bounds memory read in networking channels
The Mozilla Foundation Security Advisory describes this flaw as: When storing and re-accessing data on a networking channel, the length of buffers may have been confused, resulting in an out-of-bounds memory read...
DEBIAN-CVE-2024-1546
When storing and re-accessing data on a networking channel, the length of buffers may have been confused, resulting in an out-of-bounds memory read. This vulnerability affects Firefox 123, Firefox ESR 115.8, and Thunderbird 115.8...
CVE-2024-1546
When storing and re-accessing data on a networking channel, the length of buffers may have been confused, resulting in an out-of-bounds memory read. This vulnerability affects Firefox 123, Firefox ESR 115.8, and Thunderbird 115.8...
Security Vulnerabilities fixed in Firefox 123 — Mozilla
When storing and re-accessing data on a networking channel, the length of buffers may have been confused, resulting in an out-of-bounds memory read. Through a series of API calls and redirects, an attacker-controlled alert dialog could have been displayed on another website with the victim...