Количество 18
Количество 18
CVE-2023-28322
An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously wasused to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the second transfer. The problem exists in the logic for a reused handle when it is (expected to be) changed from a PUT to a POST.
CVE-2023-28322
An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously wasused to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the second transfer. The problem exists in the logic for a reused handle when it is (expected to be) changed from a PUT to a POST.
CVE-2023-28322
An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously wasused to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the second transfer. The problem exists in the logic for a reused handle when it is (expected to be) changed from a PUT to a POST.
CVE-2023-28322
CVE-2023-28322
An information disclosure vulnerability exists in curl <v8.1.0 when do ...
GHSA-78jh-p6rf-g59w
An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously wasused to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the second transfer. The problem exists in the logic for a reused handle when it is (expected to be) changed from a PUT to a POST.
BDU:2023-02895
Уязвимость библиотеки libcurl, связанная с ошибками при отправке HTTP-запросов POST и PUT с использованием одного и того же дескриптора, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
ELSA-2023-4354
ELSA-2023-4354: curl security update (MODERATE)
SUSE-SU-2023:2230-1
Security update for curl
SUSE-SU-2023:2227-1
Security update for curl
RLSA-2024:1601
Moderate: curl security and bug fix update
ELSA-2024-1601
ELSA-2024-1601: curl security and bug fix update (MODERATE)
SUSE-SU-2023:2224-2
Security update for curl
SUSE-SU-2023:2224-1
Security update for curl
SUSE-SU-2023:2225-1
Security update for curl
ROS-20230621-04
Множественные уязвимости Curl
SUSE-SU-2023:2228-1
Security update for curl
SUSE-SU-2023:2226-1
Security update for curl
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-28322 An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously wasused to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the second transfer. The problem exists in the logic for a reused handle when it is (expected to be) changed from a PUT to a POST. | CVSS3: 3.7 | 1% Низкий | около 2 лет назад |
 | CVE-2023-28322 An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously wasused to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the second transfer. The problem exists in the logic for a reused handle when it is (expected to be) changed from a PUT to a POST. | CVSS3: 3.7 | 1% Низкий | около 2 лет назад |
 | CVE-2023-28322 An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously wasused to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the second transfer. The problem exists in the logic for a reused handle when it is (expected to be) changed from a PUT to a POST. | CVSS3: 3.7 | 1% Низкий | около 2 лет назад |
 | CVSS3: 3.7 | 1% Низкий | около 2 лет назад | |
| CVE-2023-28322 An information disclosure vulnerability exists in curl <v8.1.0 when do ... | CVSS3: 3.7 | 1% Низкий | около 2 лет назад |
| GHSA-78jh-p6rf-g59w An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously wasused to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the second transfer. The problem exists in the logic for a reused handle when it is (expected to be) changed from a PUT to a POST. | CVSS3: 3.7 | 1% Низкий | около 2 лет назад |
 | BDU:2023-02895 Уязвимость библиотеки libcurl, связанная с ошибками при отправке HTTP-запросов POST и PUT с использованием одного и того же дескриптора, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации | CVSS3: 7.5 | 1% Низкий | около 2 лет назад |
| ELSA-2023-4354 ELSA-2023-4354: curl security update (MODERATE) | почти 2 года назад | ||
 | SUSE-SU-2023:2230-1 Security update for curl | около 2 лет назад | ||
| SUSE-SU-2023:2227-1 Security update for curl | около 2 лет назад | ||
 | RLSA-2024:1601 Moderate: curl security and bug fix update | около 1 года назад | ||
| ELSA-2024-1601 ELSA-2024-1601: curl security and bug fix update (MODERATE) | около 1 года назад | ||
| SUSE-SU-2023:2224-2 Security update for curl | почти 2 года назад | ||
| SUSE-SU-2023:2224-1 Security update for curl | около 2 лет назад | ||
| SUSE-SU-2023:2225-1 Security update for curl | около 2 лет назад | ||
 | ROS-20230621-04 Множественные уязвимости Curl | CVSS3: 7.5 | почти 2 года назад | |
| SUSE-SU-2023:2228-1 Security update for curl | около 2 лет назад | ||
| SUSE-SU-2023:2226-1 Security update for curl | около 2 лет назад |
Уязвимостей на страницу