GO-2022-0586 Resource exhaustion in github.com/hashicorp/go-getter and related modules

Malicious HTTP responses can cause a number of misbehaviors, including overwriting local files, resource exhaustion, and panics. Protocol switching, endless redirect, and configuration bypass are possible through abuse of custom HTTP response header processing. Arbitrary host access is possible...

EulerOS 2.0 SP5 : exiv2 (EulerOS-SA-2019-1900)

According to the versions of the exiv2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A CiffDirectory::readDirectory integer overflow and out-of-bounds read in Exiv2 through 0.27.1 allows an attacker to cause a denial of service...

cURL and libcurl Cookie Path Parsing Remote Code Execution (CVE-2015-3145)

A heap buffer underflow vulnerability exists in cURL and libcurl. The vulnerability is due error when parsing a cookie path in an HTTP response. A remote, unauthenticated attackers can exploit this vulnerability by enticing user to perform a cURL on a crafted URL or provide malicious HTTP respons...