Описание
When saving HSTS data to an excessively long file name, curl could end up removing all contents, making subsequent requests using that file unaware of the HSTS status they should otherwise use.
Ссылки
- Vendor Advisory
- ExploitThird Party Advisory
- Third Party Advisory
- Vendor Advisory
- ExploitThird Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 7.84.0 (включая) до 8.5.0 (исключая)
cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*
Конфигурация 2
cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*
EPSS
Процентиль: 22%
0.00072
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-311
Связанные уязвимости
CVSS3: 5.3
ubuntu
почти 2 года назад
When saving HSTS data to an excessively long file name, curl could end up removing all contents, making subsequent requests using that file unaware of the HSTS status they should otherwise use.
CVSS3: 5.3
redhat
почти 2 года назад
When saving HSTS data to an excessively long file name, curl could end up removing all contents, making subsequent requests using that file unaware of the HSTS status they should otherwise use.
CVSS3: 5.3
debian
почти 2 года назад
When saving HSTS data to an excessively long file name, curl could end ...
EPSS
Процентиль: 22%
0.00072
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-311