VYPR

apk package

wolfi/libcurl-rustls4

pkg:apk/wolfi/libcurl-rustls4

Vulnerabilities (2)

  • CVE-2023-38546LowOct 18, 2023
    affected < 8.4.0-r0fixed 8.4.0-r0

    This flaw allows an attacker to insert cookies at will into a running program using libcurl, if the specific series of conditions are met. libcurl performs transfers. In its API, an application creates "easy handles" that are the individual handles for single transfers. libcurl

  • CVE-2023-38545CriOct 18, 2023
    affected < 8.4.0-r0fixed 8.4.0-r0

    This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that host name can be is 255 byt