Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
There is a vulnerability in the fizz library prior to v2023.01.30.00 where a CHECK failure can be triggered remotely. This behavior requires the client supported cipher advertisement changing between the original ClientHello and the second ClientHello, crashing the process (impact is limited to denial of service).
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
fizz 安全漏洞
Vulnerability Description
fizz是一款使用C++语言编写的TLS实现。 fizz v2023.01.30.00 之前版本存在安全漏洞,该漏洞源于客户端支持的密码广告在原始 ClientHello 和第二个 ClientHello 之间更改,导致进程崩溃。
CVSS Information
N/A
Vulnerability Type
N/A