Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Undefined Behavior Due to Out-of-Bounds Pointer Arithmetic in libwebsockets
Vulnerability Description
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in warmcat libwebsockets allows Pointer Manipulation, potentially leading to out-of-bounds memory access. This issue affects libwebsockets before 4.3.4 and is present in code built specifically for the Win32 platform. By default, the affected code is not executed unless one of the following conditions is met: LWS_WITHOUT_EXTENSIONS (default ON) is manually set to OFF in CMake. LWS_WITH_HTTP_STREAM_COMPRESSION (default OFF) is manually set to ON in CMake. Despite these conditions, when triggered in affected configurations, this vulnerability may allow attackers to manipulate pointers, potentially leading to memory corruption or unexpected behavior.
CVSS Information
N/A
Vulnerability Type
内存缓冲区边界内操作的限制不恰当
Vulnerability Title
libwebsockets 缓冲区错误漏洞
Vulnerability Description
Libwebsockets是lws-team开源的一个规范的 libwebsockets 网络库。 libwebsockets 4.3.4之前版本存在安全漏洞,该漏洞源于指针操作不当,可能导致越界内存访问。
CVSS Information
N/A
Vulnerability Type
N/A