It was discovered that the uv_getaddrinfo() function in libuv, an asynchronous event notification library, incorrectly truncated certain hostnames, which may result in bypass of security measures on internal APIs or SSRF attacks.
Comment
It was discovered that the uv_getaddrinfo() function in libuv, an asynchronous event notification library, incorrectly truncated certain hostnames, which may result in bypass of security measures on internal APIs or SSRF attacks.
2267205 – CVE-2024-24246 qpdf – Heap Buffer Overflow vulnerability in qpdf [fedora-all]
backport fix for PEAP client (CVE-2023-52160)
2267205 – CVE-2024-24246 qpdf – Heap Buffer Overflow vulnerability in qpdf [fedora-all]
Update to latest version Security fix for CVE-2023-39325
51 queries. 8.5 mb Memory usage. 0.227 seconds.