漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
WebSocket endless loop
Vulnerability Description
Due to a mistake in libcurl's WebSocket code, a malicious server can send a particularly crafted packet which makes libcurl get trapped in an endless busy-loop. There is no other way for the application to escape or exit this loop other than killing the thread/process. This might be used to DoS libcurl-using application.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
libcurl 安全漏洞
Vulnerability Description
libcurl是cURL开源的一个免费且易于使用的客户端 URL 传输库。 libcurl 8.13.0版本至8.14.0版本存在安全漏洞,该漏洞源于WebSocket代码错误处理不当,可能导致拒绝服务攻击。
CVSS Information
N/A
Vulnerability Type
N/A