curl: libcurl: Curl out of bounds read for cookie path

An out of bounds read flaw has been discovered in the curl project. Under specific conditions the path comparison logic makes curl read outside a heap buffer boundary. This bug either causes a crash or it potentially makes the comparison come to the wrong conclusion and lets the clear-text site...

curl: libcurl: Curl out of bounds read for cookie path

An out of bounds read flaw has been discovered in the curl project. Under specific conditions the path comparison logic makes curl read outside a heap buffer boundary. This bug either causes a crash or it potentially makes the comparison come to the wrong conclusion and lets the clear-text site...

curl: libcurl: Curl out of bounds read for cookie path

An out of bounds read flaw has been discovered in the curl project. Under specific conditions the path comparison logic makes curl read outside a heap buffer boundary. This bug either causes a crash or it potentially makes the comparison come to the wrong conclusion and lets the clear-text site...

curl: libcurl: Curl out of bounds read for cookie path

An out of bounds read flaw has been discovered in the curl project. Under specific conditions the path comparison logic makes curl read outside a heap buffer boundary. This bug either causes a crash or it potentially makes the comparison come to the wrong conclusion and lets the clear-text site...

EUVD-2022-34253

Malicious code in bioql PyPI...

CVE-2025-9086

A cookie is set using the secure keyword for https://target 2. curl is redirected to or otherwise made to speak with http://target same hostname, but using clear text HTTP using the same cookie set 3. The same cookie name is set - but with just a slash as path path="/",. Since this site is not...

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read due to improper validation in the path comparison process. An attacker can cause a crash or override the contents of a secure cookie by setting a cookie with the secure keyword for an HTTPS site, then redirecting to t...

CVE-2025-9086

A cookie is set using the secure keyword for https://target 2. curl is redirected to or otherwise made to speak with http://target same hostname, but using clear text HTTP using the same cookie set 3. The same cookie name is set - but with just a slash as path path="/",. Since this site is not...

curl 安全漏洞

curl is a cURL open source tool for transferring data from or to a server. A security vulnerability exists in curl that stems from a heap buffer boundary read error in the path comparison logic, which could lead to a crash or a security cookie being overwritten by a plaintext site...

SUSE SLES12 Security Update : curl (SUSE-SU-2025:03173-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03173-1 advisory. - CVE-2025-9086: bug in path comparison logic when processing cookies can lead to out-of-bounds read in heap buffer bsc1249191. -...

Privacy-Preserving Drone Navigation through Homomorphic Encryption for Collision Avoidance

As drones increasingly deliver packages in neighborhoods, concerns about collisions arise. One solution is to share flight paths within a specific zip code, but this compromises business privacy by revealing delivery routes. For example, it could disclose which stores send packages to certain...

CVE-2022-29944

An issue was discovered in ONOS 2.5.1. There is an incorrect comparison of paths installed by intents. An existing intents does not redirect to a new path, even if a new intent that shares the path with higher priority is installed...

CVE-2022-29944

An issue was discovered in ONOS 2.5.1. There is an incorrect comparison of paths installed by intents. An existing intents does not redirect to a new path, even if a new intent that shares the path with higher priority is installed...

CVE-2022-29944

An issue was discovered in ONOS 2.5.1. There is an incorrect comparison of paths installed by intents. An existing intents does not redirect to a new path, even if a new intent that shares the path with higher priority is installed...

CVE-2022-29944

An issue was discovered in ONOS 2.5.1. There is an incorrect comparison of paths installed by intents. An existing intents does not redirect to a new path, even if a new intent that shares the path with higher priority is installed...

PT-2023-12993 · Onos · Onos

Name of the Vulnerable Software and Affected Versions: ONOS version 2.5.1 Description: An issue was discovered in ONOS where there is an incorrect comparison of paths installed by intents. An existing intent does not redirect to a new path, even if a new intent that shares the path with higher...

libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup.Due to errors in the logic the config matching function did not take 'issuercert' into account and it compared the involved paths *case insensitively*which could lead to libcurl reusing wrong connections.File paths are or can be case sensitive on many systems but not all and caneven vary depending on used file systems.The comparison also didn't include the 'issuer cert' which a transfer can setto qualify how to verify the server certificate.

...

openSUSE Security Update : util-linux (openSUSE-2016-1446)

This update for util-linux fixes the following issues : - Consider redundant slashes when comparing paths bsc982331, util-linux-libmount-ignore-redundant-slashes.patch, affects backport of util-linux-libmount-cifs-ismounted.patch. - Use upstream compatibility patches for --show-pt-geometry with...