Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Memory Exhaustion via Unbounded Content-Length
Vulnerability Description
A memory exhaustion vulnerability exists in the HTTP server due to unbounded use of the `Content-Length` header. The server allocates memory directly based on the attacker supplied header value without enforcing an upper limit. A crafted HTTP request containing an extremely large `Content-Length` value can trigger excessive memory allocation and server termination, even without sending a request body.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Orthanc 安全漏洞
Vulnerability Description
Orthanc是Orthanc公司的一款免费的开源软件。 Orthanc存在安全漏洞,该漏洞源于HTTP服务器由于无限制使用Content-Length标头而存在内存耗尽漏洞,可能导致触发过度内存分配并导致服务器终止。
CVSS Information
N/A
Vulnerability Type
N/A