|
Lines 1-3
Link Here
|
|
|
1 |
<vuln vid="2220827b-c732-11ec-b272-901b0e934d69"> |
| 2 |
<topic>hiredis -- integer/buffer overflow</topic> |
| 3 |
<affects> |
| 4 |
<package> |
| 5 |
<name>hiredis</name> |
| 6 |
<range><lt>1.0.1</lt></range> |
| 7 |
</package> |
| 8 |
</affects> |
| 9 |
<description> |
| 10 |
<body xmlns="http://www.w3.org/1999/xhtml"> |
| 11 |
<p>hiredis maintainers report:</p> |
| 12 |
<blockquote cite="INSERT URL HERE"> |
| 13 |
<p> |
| 14 |
Hiredis is vulnurable to integer overflow if provided maliciously crafted or corrupted RESP mult-bulk protocol data. |
| 15 |
|
| 16 |
When parsing multi-bulk (array-like) replies, hiredis fails to check if count * sizeof(redisReply*) can be represented in SIZE_MAX. If it can not, and the calloc() call doesn't itself make this check, it would result in a short allocation and subsequent buffer overflow.</p> |
| 17 |
</blockquote> |
| 18 |
</body> |
| 19 |
</description> |
| 20 |
<references> |
| 21 |
<cvename>CVE-2021-32765</cvename> |
| 22 |
<url>https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32765</url> |
| 23 |
<url>https://github.com/redis/hiredis/security/advisories/GHSA-hfm9-39pp-55p2</url> |
| 24 |
</references> |
| 25 |
<dates> |
| 26 |
<discovery>2021-10-04</discovery> |
| 27 |
<entry>2022-04-28</entry> |
| 28 |
</dates> |
| 29 |
</vuln> |
| 30 |
|
| 1 |
<vuln vid="92a4d881-c6cf-11ec-a06f-d4c9ef517024"> |
31 |
<vuln vid="92a4d881-c6cf-11ec-a06f-d4c9ef517024"> |
| 2 |
<topic>cURL -- Multiple vulnerabilities</topic> |
32 |
<topic>cURL -- Multiple vulnerabilities</topic> |
| 3 |
<affects> |
33 |
<affects> |