Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A denial of service vulnerability exists in curl <v8.1.0 in the way libcurl provides several different backends for resolving host names, selected at build time. If it is built to use the synchronous resolver, it allows name resolves to time-out slow operations using `alarm()` and `siglongjmp()`. When doing this, libcurl used a global buffer that was not mutex protected and a multi-threaded application might therefore crash or otherwise misbehave.
CVSS Information
N/A
Vulnerability Type
未加控制的资源消耗(资源穷尽)
Vulnerability Title
libcurl 资源管理错误漏洞
Vulnerability Description
libcurl是一款用于从服务器传输数据或向服务器传输数据的工具。 libcurl 存在安全漏洞,该漏洞源于允许名称解析使用 alarm()和siglongjmp()使操作超时,导致应用程序崩溃。
CVSS Information
N/A
Vulnerability Type
N/A