Broadcom: Security Vulnerabilities
A double free vulnerability exists in libcurl <8.0.0 when sharing HSTS data between separate "handles". This sharing was introduced without consideration for sharing across separate threads, but the documentation gave no indication of this. Due to missing mutexes or thread locks, two threads sharing the same HSTS data could end up doing a double-free or use-after-free.
CVSS Score
5.9
EPSS Score
0.001
Published
2023-03-30
An authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH option was modified, which should have prevented reuse. libcurl maintains a pool of previously used connections to reuse them for subsequent transfers if the configurations match. However, two SSH settings were omitted from the configuration check, allowing them to match easily, potentially leading to the reuse of an inappropriate connection.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-03-30
An issue found in TCPrewrite v.4.4.3 allows a remote attacker to cause a denial of service via the ports2PORT function at the portmap.c:69 endpoint.
CVSS Score
7.5
EPSS Score
0.002
Published
2023-03-16
An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the cidr2cidr function at the cidr.c:178 endpoint.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-03-16
An issue found in TCPreplay tcprewrite v.4.4.3 allows a remote attacker to cause a denial of service via the tcpedit_dlt_cleanup function at plugins/dlt_plugins.c.
CVSS Score
7.5
EPSS Score
0.007
Published
2023-03-16
An issue found in TCPReplay v.4.4.3 allows a remote attacker to cause a denial of service via the read_hexstring function at the utils.c:309 endpoint.
CVSS Score
7.5
EPSS Score
0.004
Published
2023-03-16
An issue found in TCPreplay TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the parse endpoints function.
CVSS Score
7.5
EPSS Score
0.004
Published
2023-03-16
An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the macinstring function.
CVSS Score
7.5
EPSS Score
0.003
Published
2023-03-16
An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the parse_list function at the list.c:81 endpoint.
CVSS Score
7.5
EPSS Score
0.004
Published
2023-03-16
An authenticated user can supply malicious HTML and JavaScript code that will be executed in the client browser.
CVSS Score
5.4
EPSS Score
0.006
Published
2023-01-26

