Описание
When saving HSTS data to an excessively long file name, curl could end up removing all contents, making subsequent requests using that file unaware of the HSTS status they should otherwise use.
Ссылки
- Vendor Advisory
- ExploitThird Party Advisory
- Third Party Advisory
- Vendor Advisory
- ExploitThird Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 7.84.0 (включая) до 8.5.0 (исключая)
cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*
Конфигурация 2
cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*
EPSS
Процентиль: 45%
0.00221
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-311
CWE-311
Связанные уязвимости
CVSS3: 5.3
ubuntu
около 2 лет назад
When saving HSTS data to an excessively long file name, curl could end up removing all contents, making subsequent requests using that file unaware of the HSTS status they should otherwise use.
CVSS3: 5.3
redhat
около 2 лет назад
When saving HSTS data to an excessively long file name, curl could end up removing all contents, making subsequent requests using that file unaware of the HSTS status they should otherwise use.
CVSS3: 5.3
debian
около 2 лет назад
When saving HSTS data to an excessively long file name, curl could end ...
EPSS
Процентиль: 45%
0.00221
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-311
CWE-311