Количество 14
Количество 14
GHSA-mq8w-c2j9-rqxc
When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit (1000), libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously allocated headers and instead leaks the memory. Further, this error condition fails silently and is therefore not easily detected by an application.
CVE-2024-2398
When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit (1000), libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously allocated headers and instead leaks the memory. Further, this error condition fails silently and is therefore not easily detected by an application.
CVE-2024-2398
When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit (1000), libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously allocated headers and instead leaks the memory. Further, this error condition fails silently and is therefore not easily detected by an application.
CVE-2024-2398
When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit (1000), libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously allocated headers and instead leaks the memory. Further, this error condition fails silently and is therefore not easily detected by an application.
CVE-2024-2398
CVE-2024-2398
When an application tells libcurl it wants to allow HTTP/2 server push ...
RLSA-2024:5654
Moderate: curl security update
ELSA-2024-5654
ELSA-2024-5654: curl security update (MODERATE)
ELSA-2024-5529
ELSA-2024-5529: curl security update (MODERATE)
BDU:2024-02722
Уязвимость реализации сетевого протокола HTTP/2 утилиты командной строки cURL, позволяющая нарушителю вызвать отказ в обслуживании
SUSE-SU-2024:1151-2
Security update for curl
SUSE-SU-2024:1151-1
Security update for curl
SUSE-SU-2024:1150-1
Security update for curl
ROS-20240708-01
Множественные уязвимости curl
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-mq8w-c2j9-rqxc When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit (1000), libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously allocated headers and instead leaks the memory. Further, this error condition fails silently and is therefore not easily detected by an application. | CVSS3: 8.6 | 3% Низкий | около 1 года назад |
 | CVE-2024-2398 When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit (1000), libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously allocated headers and instead leaks the memory. Further, this error condition fails silently and is therefore not easily detected by an application. | CVSS3: 8.6 | 3% Низкий | около 1 года назад |
 | CVE-2024-2398 When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit (1000), libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously allocated headers and instead leaks the memory. Further, this error condition fails silently and is therefore not easily detected by an application. | CVSS3: 7.5 | 3% Низкий | около 1 года назад |
 | CVE-2024-2398 When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit (1000), libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously allocated headers and instead leaks the memory. Further, this error condition fails silently and is therefore not easily detected by an application. | CVSS3: 8.6 | 3% Низкий | около 1 года назад |
 | CVSS3: 8.6 | 3% Низкий | 9 месяцев назад | |
| CVE-2024-2398 When an application tells libcurl it wants to allow HTTP/2 server push ... | CVSS3: 8.6 | 3% Низкий | около 1 года назад |
 | RLSA-2024:5654 Moderate: curl security update | 3% Низкий | около 1 месяца назад | |
| ELSA-2024-5654 ELSA-2024-5654: curl security update (MODERATE) | 10 месяцев назад | ||
| ELSA-2024-5529 ELSA-2024-5529: curl security update (MODERATE) | 10 месяцев назад | ||
 | BDU:2024-02722 Уязвимость реализации сетевого протокола HTTP/2 утилиты командной строки cURL, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 4.3 | 3% Низкий | больше 1 года назад |
 | SUSE-SU-2024:1151-2 Security update for curl | около 1 года назад | ||
| SUSE-SU-2024:1151-1 Security update for curl | около 1 года назад | ||
| SUSE-SU-2024:1150-1 Security update for curl | около 1 года назад | ||
 | ROS-20240708-01 Множественные уязвимости curl | CVSS3: 4.3 | 12 месяцев назад |
Уязвимостей на страницу