Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
When curl < 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In that rename operation, it might accidentally *widen* the permissions for the target file, leaving the updated file accessible to more users than intended.
CVSS Information
N/A
Vulnerability Type
业务逻辑错误
Vulnerability Title
curl 安全漏洞
Vulnerability Description
curl是一款用于从服务器传输数据或向服务器传输数据的工具。 curl 7.69.0版本到7.83.1版本存在安全漏洞,该漏洞源于在重命名操作中curl会意外夸大目标文件的权限。
CVSS Information
N/A
Vulnerability Type
N/A