4 matches found
Siemens SIMATIC S7-1500 Stack-based Buffer Overflow (CVE-2022-35260)
curl can be told to parse a .netrc file for credentials. If that file endsin a line with 4095 consecutive non-white space letters and no newline, curlwould first read past the end of the stack-based buffer, and if the readworks, write a zero byte beyond its boundary.This will in most cases cause ...
curl: Credential leak on redirect due to improper state clearing when parsing macdef in netrc.c
Summary : -When parsing a netrc. file, the macdef keyword fails to clear previously loaded credentials. If a redirect follows, these credentials are leaked to the new host. This is a new variant of CVE-2024-11053, triggered by a different code path 'macdef' instead of 'default'. No, this...
DEBIAN-CVE-2022-35260
curl can be told to parse a .netrc file for credentials. If that file endsin a line with 4095 consecutive non-white space letters and no newline, curlwould first read past the end of the stack-based buffer, and if the readworks, write a zero byte beyond its boundary.This will in most cases cause ...
AZL-38755 CVE-2022-35260 affecting package tensorflow for versions less than 2.16.1-1
curl can be told to parse a .netrc file for credentials. If that file endsin a line with 4095 consecutive non-white space letters and no newline, curlwould first read past the end of the stack-based buffer, and if the readworks, write a zero byte beyond its boundary.This will in most cases cause ...