Количество 14
Количество 14
CVE-2024-2398
When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit (1000), libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously allocated headers and instead leaks the memory. Further, this error condition fails silently and is therefore not easily detected by an application.
CVE-2024-2398
When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit (1000), libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously allocated headers and instead leaks the memory. Further, this error condition fails silently and is therefore not easily detected by an application.
CVE-2024-2398
When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit (1000), libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously allocated headers and instead leaks the memory. Further, this error condition fails silently and is therefore not easily detected by an application.
CVE-2024-2398
CVE-2024-2398
When an application tells libcurl it wants to allow HTTP/2 server push ...
RLSA-2024:5654
Moderate: curl security update
GHSA-mq8w-c2j9-rqxc
When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit (1000), libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously allocated headers and instead leaks the memory. Further, this error condition fails silently and is therefore not easily detected by an application.
ELSA-2024-5654
ELSA-2024-5654: curl security update (MODERATE)
ELSA-2024-5529
ELSA-2024-5529: curl security update (MODERATE)
BDU:2024-02722
Уязвимость реализации сетевого протокола HTTP/2 утилиты командной строки cURL, позволяющая нарушителю вызвать отказ в обслуживании
SUSE-SU-2024:1151-2
Security update for curl
SUSE-SU-2024:1151-1
Security update for curl
SUSE-SU-2024:1150-1
Security update for curl
ROS-20240708-01
Множественные уязвимости curl
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-2398 When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit (1000), libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously allocated headers and instead leaks the memory. Further, this error condition fails silently and is therefore not easily detected by an application. | CVSS3: 8.6 | 1% Низкий | больше 1 года назад |
 | CVE-2024-2398 When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit (1000), libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously allocated headers and instead leaks the memory. Further, this error condition fails silently and is therefore not easily detected by an application. | CVSS3: 7.5 | 1% Низкий | больше 1 года назад |
 | CVE-2024-2398 When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit (1000), libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously allocated headers and instead leaks the memory. Further, this error condition fails silently and is therefore not easily detected by an application. | CVSS3: 8.6 | 1% Низкий | больше 1 года назад |
 | CVSS3: 8.6 | 1% Низкий | 10 месяцев назад | |
| CVE-2024-2398 When an application tells libcurl it wants to allow HTTP/2 server push ... | CVSS3: 8.6 | 1% Низкий | больше 1 года назад |
 | RLSA-2024:5654 Moderate: curl security update | 1% Низкий | 3 месяца назад | |
| GHSA-mq8w-c2j9-rqxc When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit (1000), libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously allocated headers and instead leaks the memory. Further, this error condition fails silently and is therefore not easily detected by an application. | CVSS3: 8.6 | 1% Низкий | больше 1 года назад |
| ELSA-2024-5654 ELSA-2024-5654: curl security update (MODERATE) | 12 месяцев назад | ||
| ELSA-2024-5529 ELSA-2024-5529: curl security update (MODERATE) | 12 месяцев назад | ||
 | BDU:2024-02722 Уязвимость реализации сетевого протокола HTTP/2 утилиты командной строки cURL, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 4.3 | 1% Низкий | больше 1 года назад |
 | SUSE-SU-2024:1151-2 Security update for curl | больше 1 года назад | ||
| SUSE-SU-2024:1151-1 Security update for curl | больше 1 года назад | ||
| SUSE-SU-2024:1150-1 Security update for curl | больше 1 года назад | ||
 | ROS-20240708-01 Множественные уязвимости curl | CVSS3: 4.3 | около 1 года назад |
Уязвимостей на страницу