5 matches found
Arbitrary Code Injection
Langroid is vulnerable to Arbitrary Code Injection. The vulnerability is due to improper sandboxing of Python eval that fails to remove builtins, which allows an attacker to execute arbitrary operating system commands through crafted LLM-generated tool messages...
curl: Heap-based buffer over-read in the curl tool warning formatting
Curl versions 7.14.1 through 7.61.1 are vulnerable to a heap-based buffer over-read in the toolmsgs.c:voutf function that may result in information exposure and denial of service...
Curl Heap Buffer Overflow Vulnerability
Haxx curl is a set of file transfer tools from the Swedish company Haxx that work on the command line using URL syntax, the tool supports file uploads and downloads, and includes a libcurl client-side URL transfer library for program development. A heap buffer overflow vulnerability exists in the...
ALPINE-CVE-2018-16842
Curl versions 7.14.1 through 7.61.1 are vulnerable to a heap-based buffer over-read in the toolmsgs.c:voutf function that may result in information exposure and denial of service...
CVE-2018-16842
Curl versions 7.14.1 through 7.61.1 are vulnerable to a heap-based buffer over-read in the toolmsgs.c:voutf function that may result in information exposure and denial of service...