Lucene search
K

26 matches found

Veracode
Veracode
added 2018/08/01 10:15 a.m.24 views

Memory Leak

libcurl.so is vulnerable to memory leak. The attack is possible due to performing sizet multiplication in curlmaprintf on systems using 32 bit causing a double free error.This vulnerability cannot be triggered if there is no publicly exposed function or if 64 bit sizet types are used...

9.8CVSS9.1AI score0.04574EPSS
Exploits0References9Affected Software5
Veracode
Veracode
added 2018/07/25 5:49 a.m.29 views

Denial Of Service (DoS)

libcurl.so is susceptible to denial of serviceDoS. The vulnerability exists because the curleasyunescape function in lib/escape.c only terminates string parsing when a zero byte is used, leading to heap corruption that can crash the application or cause arbitrary code to be executed...

6.8CVSS7.7AI score0.11118EPSS
Exploits2References10Affected Software1
Veracode
Veracode
added 2018/07/20 8:31 a.m.34 views

TLS Session Resumption Client Certificate Bypass

libcurl.so is vulnerable to TLS session resumption client certificate bypass attacks. The vulnerability exists in Curlclonesslconfig of lib/vtls/vtls.c where libcurl.so does not prevent the TLS session resumption if the client certificate has been replaced...

7.5CVSS7.6AI score0.15063EPSS
Exploits0References21Affected Software1
Veracode
Veracode
added 2018/07/17 4:59 a.m.35 views

Denial Of Service (DoS)

libcurl.so is vulnerable to denial of service DoS attacks. The library does not properly handle LDAP URLs, allowing a malicious user to cause a null pointer dereference, crashing the application...

7.5CVSS8AI score0.09565EPSS
Exploits0References17Affected Software5
Veracode
Veracode
added 2018/06/13 8:32 a.m.33 views

Denial Of Service (DoS) Through Integer Overflow

libcurl.so is vulnerable to denial of service DoS through an integer overflow. The vulnerability exists in NTLM authentication code where long user and password fields are not handled properly, crashing the application through a buffer overflow...

9.8CVSS9.3AI score0.08523EPSS
Exploits0References11Affected Software5
Veracode
Veracode
added 2018/05/31 3:42 a.m.30 views

Denial Of Service (DoS) Through Heap Buffer Overflow

libcurl.so is vulnerable to denial of service DoS through heap-based buffer overflow attacks. The vulnerability exists in setcharset of lib/curlfnmatch.c where using the default pattern matching function could cause a read beyond the end of the string if the match pattern ends with an open bracke...

9.8CVSS9AI score0.11175EPSS
Exploits0References10Affected Software5
Rows per page
Query Builder