Количество 18
Количество 18
CVE-2023-28322
An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously wasused to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the second transfer. The problem exists in the logic for a reused handle when it is (expected to be) changed from a PUT to a POST.
CVE-2023-28322
An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously wasused to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the second transfer. The problem exists in the logic for a reused handle when it is (expected to be) changed from a PUT to a POST.
CVE-2023-28322
An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously wasused to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the second transfer. The problem exists in the logic for a reused handle when it is (expected to be) changed from a PUT to a POST.
CVE-2023-28322
CVE-2023-28322
An information disclosure vulnerability exists in curl <v8.1.0 when do ...
GHSA-78jh-p6rf-g59w
An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously wasused to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the second transfer. The problem exists in the logic for a reused handle when it is (expected to be) changed from a PUT to a POST.
BDU:2023-02895
Уязвимость библиотеки libcurl, связанная с ошибками при отправке HTTP-запросов POST и PUT с использованием одного и того же дескриптора, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
ELSA-2023-4354
ELSA-2023-4354: curl security update (MODERATE)
SUSE-SU-2023:2230-1
Security update for curl
SUSE-SU-2023:2227-1
Security update for curl
RLSA-2024:1601
Moderate: curl security and bug fix update
ELSA-2024-1601
ELSA-2024-1601: curl security and bug fix update (MODERATE)
SUSE-SU-2023:2224-2
Security update for curl
SUSE-SU-2023:2224-1
Security update for curl
SUSE-SU-2023:2225-1
Security update for curl
ROS-20230621-24
Множественные уязвимости libCurl
SUSE-SU-2023:2228-1
Security update for curl
SUSE-SU-2023:2226-1
Security update for curl
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-28322 An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously wasused to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the second transfer. The problem exists in the logic for a reused handle when it is (expected to be) changed from a PUT to a POST. | CVSS3: 3.7 | 1% Низкий | почти 3 года назад |
 | CVE-2023-28322 An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously wasused to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the second transfer. The problem exists in the logic for a reused handle when it is (expected to be) changed from a PUT to a POST. | CVSS3: 3.7 | 1% Низкий | почти 3 года назад |
 | CVE-2023-28322 An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously wasused to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the second transfer. The problem exists in the logic for a reused handle when it is (expected to be) changed from a PUT to a POST. | CVSS3: 3.7 | 1% Низкий | почти 3 года назад |
 | CVSS3: 3.7 | 1% Низкий | почти 3 года назад | |
| CVE-2023-28322 An information disclosure vulnerability exists in curl <v8.1.0 when do ... | CVSS3: 3.7 | 1% Низкий | почти 3 года назад |
| GHSA-78jh-p6rf-g59w An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously wasused to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the second transfer. The problem exists in the logic for a reused handle when it is (expected to be) changed from a PUT to a POST. | CVSS3: 3.7 | 1% Низкий | почти 3 года назад |
 | BDU:2023-02895 Уязвимость библиотеки libcurl, связанная с ошибками при отправке HTTP-запросов POST и PUT с использованием одного и того же дескриптора, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации | CVSS3: 7.5 | 1% Низкий | почти 3 года назад |
| ELSA-2023-4354 ELSA-2023-4354: curl security update (MODERATE) | больше 2 лет назад | ||
 | SUSE-SU-2023:2230-1 Security update for curl | почти 3 года назад | ||
| SUSE-SU-2023:2227-1 Security update for curl | почти 3 года назад | ||
 | RLSA-2024:1601 Moderate: curl security and bug fix update | почти 2 года назад | ||
| ELSA-2024-1601 ELSA-2024-1601: curl security and bug fix update (MODERATE) | почти 2 года назад | ||
| SUSE-SU-2023:2224-2 Security update for curl | почти 3 года назад | ||
| SUSE-SU-2023:2224-1 Security update for curl | почти 3 года назад | ||
| SUSE-SU-2023:2225-1 Security update for curl | почти 3 года назад | ||
 | ROS-20230621-24 Множественные уязвимости libCurl | CVSS3: 7.5 | почти 3 года назад | |
| SUSE-SU-2023:2228-1 Security update for curl | почти 3 года назад | ||
| SUSE-SU-2023:2226-1 Security update for curl | почти 3 года назад |
Уязвимостей на страницу