Описание
ulfius_uri_logger in Ulfius HTTP Framework before 2.7.4 omits con_info initialization and a con_info->request NULL check for certain malformed HTTP requests.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| ulfius | fixed | 2.7.1-2 | package | |
| ulfius | fixed | 2.7.1-1+deb11u1 | bullseye | package |
| ulfius | fixed | 2.5.2-4+deb10u1 | buster | package |
Примечания
https://github.com/babelouest/ulfius/commit/c83f564c184a27145e07c274b305cabe943bbfaa
Связанные уязвимости
CVSS3: 9.8
ubuntu
больше 4 лет назад
ulfius_uri_logger in Ulfius HTTP Framework before 2.7.4 omits con_info initialization and a con_info->request NULL check for certain malformed HTTP requests.
CVSS3: 9.8
nvd
больше 4 лет назад
ulfius_uri_logger in Ulfius HTTP Framework before 2.7.4 omits con_info initialization and a con_info->request NULL check for certain malformed HTTP requests.
github
больше 3 лет назад
ulfius_uri_logger in Ulfius HTTP Framework before 2.7.4 omits con_info initialization and a con_info->request NULL check for certain malformed HTTP requests.