Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Stack-based Buffer Overflow in libwebsockets DNS response parsing
Vulnerability Description
Stack-based Buffer Overflow in lws_adns_parse_label in warmcat libwebsockets allows, when the LWS_WITH_SYS_ASYNC_DNS flag is enabled during compilation, to overflow the label_stack, when the attacker is able to sniff a DNS request in order to craft a response with a matching id containing a label longer than the maximum.
CVSS Information
N/A
Vulnerability Type
栈缓冲区溢出
Vulnerability Title
Libwebsockets 安全漏洞
Vulnerability Description
Libwebsockets是lws-team开源的一个规范的 libwebsockets 网络库。 Libwebsockets存在安全漏洞,该漏洞源于启用LWS_WITH_SYS_ASYNC_DNS标志编译时,lws_adns_parse_label函数存在基于栈的缓冲区溢出,可能导致执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A