漏洞标题
N/A
漏洞描述信息
将“Integer overflow vulnerability in tool_operate.c in curl 7.65.2 via crafted value as the retry delay.”翻译成中文:
在curl 7.65.2版本中,工具操作工具_operate.c库存在通过构造值作为重试延迟的整数溢出漏洞。
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
漏洞类别
整数溢出或超界折返
漏洞标题
N/A
漏洞描述信息
Integer overflow vulnerability in tool_operate.c in curl 7.65.2 via a large value as the retry delay. NOTE: many parties report that this has no direct security impact on the curl user; however, it may (in theory) cause a denial of service to associated systems or networks if, for example, --retry-delay is misinterpreted as a value much smaller than what was intended. This is not especially plausible because the overflow only happens if the user was trying to specify that curl should wait weeks (or longer) before trying to recover from a transient error.
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
curl 输入验证错误漏洞
漏洞描述信息
curl是一款用于从服务器传输数据或向服务器传输数据的工具。 curl 7.65.2版本存在输入验证错误漏洞,该漏洞源于tool_operate.c 中存在整数溢出。
CVSS信息
N/A
漏洞类别
输入验证错误