Количество 15
Количество 15
BDU:2023-03612
Уязвимость функций alarm() и siglongjmp() утилиты командной строки cURL, позволяющая нарушителю вызвать отказ в обслуживании
CVE-2023-28320
A denial of service vulnerability exists in curl <v8.1.0 in the way libcurl provides several different backends for resolving host names, selected at build time. If it is built to use the synchronous resolver, it allows name resolves to time-out slow operations using `alarm()` and `siglongjmp()`. When doing this, libcurl used a global buffer that was not mutex protected and a multi-threaded application might therefore crash or otherwise misbehave.
CVE-2023-28320
A denial of service vulnerability exists in curl <v8.1.0 in the way libcurl provides several different backends for resolving host names, selected at build time. If it is built to use the synchronous resolver, it allows name resolves to time-out slow operations using `alarm()` and `siglongjmp()`. When doing this, libcurl used a global buffer that was not mutex protected and a multi-threaded application might therefore crash or otherwise misbehave.
CVE-2023-28320
A denial of service vulnerability exists in curl <v8.1.0 in the way libcurl provides several different backends for resolving host names, selected at build time. If it is built to use the synchronous resolver, it allows name resolves to time-out slow operations using `alarm()` and `siglongjmp()`. When doing this, libcurl used a global buffer that was not mutex protected and a multi-threaded application might therefore crash or otherwise misbehave.
CVE-2023-28320
CVE-2023-28320
A denial of service vulnerability exists in curl <v8.1.0 in the way li ...
GHSA-c8wj-435x-f2cc
A denial of service vulnerability exists in curl <v8.1.0 in the way libcurl provides several different backends for resolving host names, selected at build time. If it is built to use the synchronous resolver, it allows name resolves to time-out slow operations using `alarm()` and `siglongjmp()`. When doing this, libcurl used a global buffer that was not mutex protected and a multi-threaded application might therefore crash or otherwise misbehave.
SUSE-SU-2023:2230-1
Security update for curl
SUSE-SU-2023:2227-1
Security update for curl
SUSE-SU-2023:2224-2
Security update for curl
SUSE-SU-2023:2224-1
Security update for curl
SUSE-SU-2023:2225-1
Security update for curl
ROS-20230621-04
Множественные уязвимости Curl
SUSE-SU-2023:2228-1
Security update for curl
SUSE-SU-2023:2226-1
Security update for curl
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2023-03612 Уязвимость функций alarm() и siglongjmp() утилиты командной строки cURL, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 5.9 | 1% Низкий | около 2 лет назад |
 | CVE-2023-28320 A denial of service vulnerability exists in curl <v8.1.0 in the way libcurl provides several different backends for resolving host names, selected at build time. If it is built to use the synchronous resolver, it allows name resolves to time-out slow operations using `alarm()` and `siglongjmp()`. When doing this, libcurl used a global buffer that was not mutex protected and a multi-threaded application might therefore crash or otherwise misbehave. | CVSS3: 5.9 | 1% Низкий | около 2 лет назад |
 | CVE-2023-28320 A denial of service vulnerability exists in curl <v8.1.0 in the way libcurl provides several different backends for resolving host names, selected at build time. If it is built to use the synchronous resolver, it allows name resolves to time-out slow operations using `alarm()` and `siglongjmp()`. When doing this, libcurl used a global buffer that was not mutex protected and a multi-threaded application might therefore crash or otherwise misbehave. | CVSS3: 3.7 | 1% Низкий | около 2 лет назад |
 | CVE-2023-28320 A denial of service vulnerability exists in curl <v8.1.0 in the way libcurl provides several different backends for resolving host names, selected at build time. If it is built to use the synchronous resolver, it allows name resolves to time-out slow operations using `alarm()` and `siglongjmp()`. When doing this, libcurl used a global buffer that was not mutex protected and a multi-threaded application might therefore crash or otherwise misbehave. | CVSS3: 5.9 | 1% Низкий | около 2 лет назад |
 | CVSS3: 5.9 | 1% Низкий | около 2 лет назад | |
| CVE-2023-28320 A denial of service vulnerability exists in curl <v8.1.0 in the way li ... | CVSS3: 5.9 | 1% Низкий | около 2 лет назад |
| GHSA-c8wj-435x-f2cc A denial of service vulnerability exists in curl <v8.1.0 in the way libcurl provides several different backends for resolving host names, selected at build time. If it is built to use the synchronous resolver, it allows name resolves to time-out slow operations using `alarm()` and `siglongjmp()`. When doing this, libcurl used a global buffer that was not mutex protected and a multi-threaded application might therefore crash or otherwise misbehave. | CVSS3: 5.9 | 1% Низкий | около 2 лет назад |
 | SUSE-SU-2023:2230-1 Security update for curl | около 2 лет назад | ||
| SUSE-SU-2023:2227-1 Security update for curl | около 2 лет назад | ||
| SUSE-SU-2023:2224-2 Security update for curl | почти 2 года назад | ||
| SUSE-SU-2023:2224-1 Security update for curl | около 2 лет назад | ||
| SUSE-SU-2023:2225-1 Security update for curl | около 2 лет назад | ||
 | ROS-20230621-04 Множественные уязвимости Curl | CVSS3: 7.5 | около 2 лет назад | |
| SUSE-SU-2023:2228-1 Security update for curl | около 2 лет назад | ||
| SUSE-SU-2023:2226-1 Security update for curl | около 2 лет назад |
Уязвимостей на страницу