Lucene search
K

4 matches found

OSV
OSV
added 2024/11/06 8:15 a.m.4 views

ALPINE-CVE-2024-9681

When curl is asked to use HSTS, the expiry time for a subdomain might overwrite a parent domain's cache entry, making it end sooner or later than otherwise intended. This affects curl using applications that enable HSTS and use URLs with the insecure HTTP:// scheme and perform transfers with host...

6.5CVSS6.9AI score0.0197EPSS
Exploits1References1
OSV
OSV
added 2023/05/04 9:42 p.m.7 views

CLSA-2023-1683236532 openssl: Fix of 3 CVEs

CVE-2023-0464: Fix excessive resource use verifying X.509 policy constraints - CVE-2023-0466: Fix documentation of X509VERIFYPARAMadd0policy - CVE-2022-3996: Drop redundant flag setting in policycachesetmapping...

7.5CVSS7AI score0.03658EPSS
Exploits0References1
OSV
OSV
added 2023/05/04 9:29 p.m.7 views

CLSA-2023-1683235759 Fix CVE(s): CVE-2022-3996, CVE-2023-0464, CVE-2023-0466

SECURITY UPDATE: Excessive resource use verifying X.509 policy constraints - debian/patches/CVE-2023-0464.patch: Limit X.509 certificate tree size to avoid exponential use of computational resources - CVE-2023-0464 SECURITY UPDATE: Incorrecly documented X509VERIFYPARAMadd0policy -...

7.5CVSS7AI score0.03658EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2022/06/14 7:0 a.m.4 views

Using its HSTS support curl can be instructed to use HTTPS directly insteadof using an insecure clear-text HTTP step even when HTTP is provided in theURL. This mechanism could be bypassed if the host name in the given URL used atrailing dot while not using one when it built the HSTS cache. Or the otherway around - by having the trailing dot in the HSTS cache and *not* using thetrailing dot in the URL.

...

4.3CVSS6.3AI score0.01118EPSS
Exploits1
Rows per page
Query Builder