exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 15

CVE-2024-7264

11 месяцев назад

libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If given an syntactically incorrect field, the parser might end up using -1 for the length of the *time fraction*, leading to a `strlen()` getting performed on a pointer to a heap buffer area that is not (purposely) null terminated. This flaw most likely leads to a crash, but can also lead to heap contents getting returned to the application when [CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.

CVSS3: 6.5

EPSS: Низкий

CVE-2024-7264

11 месяцев назад

CVSS3: 5.3

EPSS: Низкий

CVE-2024-7264

11 месяцев назад

CVSS3: 6.5

EPSS: Низкий

CVE-2024-7264

8 месяцев назад

CVSS3: 6.5

EPSS: Низкий

CVE-2024-7264

11 месяцев назад

libcurl's ASN1 parser code has the `GTime2str()` function, used for pa ...

CVSS3: 6.5

EPSS: Низкий

SUSE-SU-2024:3080-2

9 месяцев назад

Security update for curl

EPSS: Низкий

SUSE-SU-2024:3080-1

10 месяцев назад

Security update for curl

EPSS: Низкий

SUSE-SU-2024:2938-1

10 месяцев назад

Security update for curl

EPSS: Низкий

GHSA-97c4-2w4v-c7r8

11 месяцев назад

CVSS3: 6.5

EPSS: Низкий

BDU:2024-05923

11 месяцев назад

Уязвимость функции GTime2str парсера ASN1 Parser библиотеки libcurl, позволяющая нарушителю вызвать октаз в обслуживании

CVSS3: 4.8

EPSS: Низкий

SUSE-SU-2024:2784-1

11 месяцев назад

Security update for curl

EPSS: Низкий

ROS-20240816-13

10 месяцев назад

Уязвимость zlib

CVSS3: 4.8

EPSS: Низкий

ROS-20240816-02

10 месяцев назад

Уязвимость curl

CVSS3: 4.8

EPSS: Низкий

ELSA-2025-1673

4 месяца назад

ELSA-2025-1673: mysql:8.0 security update (IMPORTANT)

EPSS: Низкий

ELSA-2025-1671

4 месяца назад

ELSA-2025-1671: mysql security update (IMPORTANT)

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2024-7264 libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If given an syntactically incorrect field, the parser might end up using -1 for the length of the time fraction, leading to a `strlen()` getting performed on a pointer to a heap buffer area that is not (purposely) null terminated. This flaw most likely leads to a crash, but can also lead to heap contents getting returned to the application when [CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.	CVSS3: 6.5	3% Низкий	11 месяцев назад
CVE-2024-7264 libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If given an syntactically incorrect field, the parser might end up using -1 for the length of the time fraction, leading to a `strlen()` getting performed on a pointer to a heap buffer area that is not (purposely) null terminated. This flaw most likely leads to a crash, but can also lead to heap contents getting returned to the application when [CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.	CVSS3: 5.3	3% Низкий	11 месяцев назад
CVE-2024-7264 libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If given an syntactically incorrect field, the parser might end up using -1 for the length of the time fraction, leading to a `strlen()` getting performed on a pointer to a heap buffer area that is not (purposely) null terminated. This flaw most likely leads to a crash, but can also lead to heap contents getting returned to the application when [CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.	CVSS3: 6.5	3% Низкий	11 месяцев назад
CVE-2024-7264	CVSS3: 6.5	3% Низкий	8 месяцев назад
CVE-2024-7264 libcurl's ASN1 parser code has the `GTime2str()` function, used for pa ...	CVSS3: 6.5	3% Низкий	11 месяцев назад
SUSE-SU-2024:3080-2 Security update for curl		3% Низкий	9 месяцев назад
SUSE-SU-2024:3080-1 Security update for curl		3% Низкий	10 месяцев назад
SUSE-SU-2024:2938-1 Security update for curl		3% Низкий	10 месяцев назад
GHSA-97c4-2w4v-c7r8 libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If given an syntactically incorrect field, the parser might end up using -1 for the length of the time fraction, leading to a `strlen()` getting performed on a pointer to a heap buffer area that is not (purposely) null terminated. This flaw most likely leads to a crash, but can also lead to heap contents getting returned to the application when [CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.	CVSS3: 6.5	3% Низкий	11 месяцев назад
BDU:2024-05923 Уязвимость функции GTime2str парсера ASN1 Parser библиотеки libcurl, позволяющая нарушителю вызвать октаз в обслуживании	CVSS3: 4.8	3% Низкий	11 месяцев назад
SUSE-SU-2024:2784-1 Security update for curl			11 месяцев назад
ROS-20240816-13 Уязвимость zlib	CVSS3: 4.8	3% Низкий	10 месяцев назад
ROS-20240816-02 Уязвимость curl	CVSS3: 4.8	3% Низкий	10 месяцев назад
ELSA-2025-1673 ELSA-2025-1673: mysql:8.0 security update (IMPORTANT)			4 месяца назад
ELSA-2025-1671 ELSA-2025-1671: mysql security update (IMPORTANT)			4 месяца назад

Уязвимостей на страницу