Action not permitted
Modal body text goes here.
Modal Title
Modal Body
ghsa-97c4-2w4v-c7r8
Vulnerability from github
Published
2024-07-31 09:30
Modified
2024-08-12 18:30
Severity ?
Details
libcurl's ASN1 parser code has the GTime2str() function, used for parsing an
ASN.1 Generalized Time field. If given an syntactically incorrect field, the
parser might end up using -1 for the length of the time fraction, leading to
a strlen() getting performed on a pointer to a heap buffer area that is not
(purposely) null terminated.
This flaw most likely leads to a crash, but can also lead to heap contents getting returned to the application when CURLINFO_CERTINFO is used.
{ affected: [], aliases: [ "CVE-2024-7264", ], database_specific: { cwe_ids: [ "CWE-125", ], github_reviewed: false, github_reviewed_at: null, nvd_published_at: "2024-07-31T08:15:02Z", severity: "MODERATE", }, details: "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", id: "GHSA-97c4-2w4v-c7r8", modified: "2024-08-12T18:30:45Z", published: "2024-07-31T09:30:49Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", }, { type: "WEB", url: "https://hackerone.com/reports/2629968", }, { type: "WEB", url: "https://curl.se/docs/CVE-2024-7264.html", }, { type: "WEB", url: "https://curl.se/docs/CVE-2024-7264.json", }, { type: "WEB", url: "http://www.openwall.com/lists/oss-security/2024/07/31/1", }, ], schema_version: "1.4.0", severity: [ { score: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", type: "CVSS_V3", }, ], }
cve-2024-7264
Vulnerability from cvelistv5
Published
2024-07-31 08:08
Modified
2025-02-13 17:58
Severity ?
EPSS score ?
Summary
libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an
ASN.1 Generalized Time field. If given an syntactically incorrect field, the
parser might end up using -1 for the length of the *time fraction*, leading to
a `strlen()` getting performed on a pointer to a heap buffer area that is not
(purposely) null terminated.
This flaw most likely leads to a crash, but can also lead to heap contents
getting returned to the application when
[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| curl | curl |
Version: 8.9.0 ≤ 8.9.0 Version: 8.8.0 ≤ 8.8.0 Version: 8.7.1 ≤ 8.7.1 Version: 8.7.0 ≤ 8.7.0 Version: 8.6.0 ≤ 8.6.0 Version: 8.5.0 ≤ 8.5.0 Version: 8.4.0 ≤ 8.4.0 Version: 8.3.0 ≤ 8.3.0 Version: 8.2.1 ≤ 8.2.1 Version: 8.2.0 ≤ 8.2.0 Version: 8.1.2 ≤ 8.1.2 Version: 8.1.1 ≤ 8.1.1 Version: 8.1.0 ≤ 8.1.0 Version: 8.0.1 ≤ 8.0.1 Version: 8.0.0 ≤ 8.0.0 Version: 7.88.1 ≤ 7.88.1 Version: 7.88.0 ≤ 7.88.0 Version: 7.87.0 ≤ 7.87.0 Version: 7.86.0 ≤ 7.86.0 Version: 7.85.0 ≤ 7.85.0 Version: 7.84.0 ≤ 7.84.0 Version: 7.83.1 ≤ 7.83.1 Version: 7.83.0 ≤ 7.83.0 Version: 7.82.0 ≤ 7.82.0 Version: 7.81.0 ≤ 7.81.0 Version: 7.80.0 ≤ 7.80.0 Version: 7.79.1 ≤ 7.79.1 Version: 7.79.0 ≤ 7.79.0 Version: 7.78.0 ≤ 7.78.0 Version: 7.77.0 ≤ 7.77.0 Version: 7.76.1 ≤ 7.76.1 Version: 7.76.0 ≤ 7.76.0 Version: 7.75.0 ≤ 7.75.0 Version: 7.74.0 ≤ 7.74.0 Version: 7.73.0 ≤ 7.73.0 Version: 7.72.0 ≤ 7.72.0 Version: 7.71.1 ≤ 7.71.1 Version: 7.71.0 ≤ 7.71.0 Version: 7.70.0 ≤ 7.70.0 Version: 7.69.1 ≤ 7.69.1 Version: 7.69.0 ≤ 7.69.0 Version: 7.68.0 ≤ 7.68.0 Version: 7.67.0 ≤ 7.67.0 Version: 7.66.0 ≤ 7.66.0 Version: 7.65.3 ≤ 7.65.3 Version: 7.65.2 ≤ 7.65.2 Version: 7.65.1 ≤ 7.65.1 Version: 7.65.0 ≤ 7.65.0 Version: 7.64.1 ≤ 7.64.1 Version: 7.64.0 ≤ 7.64.0 Version: 7.63.0 ≤ 7.63.0 Version: 7.62.0 ≤ 7.62.0 Version: 7.61.1 ≤ 7.61.1 Version: 7.61.0 ≤ 7.61.0 Version: 7.60.0 ≤ 7.60.0 Version: 7.59.0 ≤ 7.59.0 Version: 7.58.0 ≤ 7.58.0 Version: 7.57.0 ≤ 7.57.0 Version: 7.56.1 ≤ 7.56.1 Version: 7.56.0 ≤ 7.56.0 Version: 7.55.1 ≤ 7.55.1 Version: 7.55.0 ≤ 7.55.0 Version: 7.54.1 ≤ 7.54.1 Version: 7.54.0 ≤ 7.54.0 Version: 7.53.1 ≤ 7.53.1 Version: 7.53.0 ≤ 7.53.0 Version: 7.52.1 ≤ 7.52.1 Version: 7.52.0 ≤ 7.52.0 Version: 7.51.0 ≤ 7.51.0 Version: 7.50.3 ≤ 7.50.3 Version: 7.50.2 ≤ 7.50.2 Version: 7.50.1 ≤ 7.50.1 Version: 7.50.0 ≤ 7.50.0 Version: 7.49.1 ≤ 7.49.1 Version: 7.49.0 ≤ 7.49.0 Version: 7.48.0 ≤ 7.48.0 Version: 7.47.1 ≤ 7.47.1 Version: 7.47.0 ≤ 7.47.0 Version: 7.46.0 ≤ 7.46.0 Version: 7.45.0 ≤ 7.45.0 Version: 7.44.0 ≤ 7.44.0 Version: 7.43.0 ≤ 7.43.0 Version: 7.42.1 ≤ 7.42.1 Version: 7.42.0 ≤ 7.42.0 Version: 7.41.0 ≤ 7.41.0 Version: 7.40.0 ≤ 7.40.0 Version: 7.39.0 ≤ 7.39.0 Version: 7.38.0 ≤ 7.38.0 Version: 7.37.1 ≤ 7.37.1 Version: 7.37.0 ≤ 7.37.0 Version: 7.36.0 ≤ 7.36.0 Version: 7.35.0 ≤ 7.35.0 Version: 7.34.0 ≤ 7.34.0 Version: 7.33.0 ≤ 7.33.0 Version: 7.32.0 ≤ 7.32.0 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-28T15:02:52.325Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { url: "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", }, { tags: [ "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2024/07/31/1", }, { url: "https://security.netapp.com/advisory/ntap-20240828-0008/", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, }, { other: { content: { id: "CVE-2024-7264", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-08-01T20:05:41.315706Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-30T19:41:40.489Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "curl", vendor: "curl", versions: [ { lessThanOrEqual: "8.9.0", status: "affected", version: "8.9.0", versionType: "semver", }, { lessThanOrEqual: "8.8.0", status: "affected", version: "8.8.0", versionType: "semver", }, { lessThanOrEqual: "8.7.1", status: "affected", version: "8.7.1", versionType: "semver", }, { lessThanOrEqual: "8.7.0", status: "affected", version: "8.7.0", versionType: "semver", }, { lessThanOrEqual: "8.6.0", status: "affected", version: "8.6.0", versionType: "semver", }, { lessThanOrEqual: "8.5.0", status: "affected", version: "8.5.0", versionType: "semver", }, { lessThanOrEqual: "8.4.0", status: "affected", version: "8.4.0", versionType: "semver", }, { lessThanOrEqual: "8.3.0", status: "affected", version: "8.3.0", versionType: "semver", }, { lessThanOrEqual: "8.2.1", status: "affected", version: "8.2.1", versionType: "semver", }, { lessThanOrEqual: "8.2.0", status: "affected", version: "8.2.0", versionType: "semver", }, { lessThanOrEqual: "8.1.2", status: "affected", version: "8.1.2", versionType: "semver", }, { lessThanOrEqual: "8.1.1", status: "affected", version: "8.1.1", versionType: "semver", }, { lessThanOrEqual: "8.1.0", status: "affected", version: "8.1.0", versionType: "semver", }, { lessThanOrEqual: "8.0.1", status: "affected", version: "8.0.1", versionType: "semver", }, { lessThanOrEqual: "8.0.0", status: "affected", version: "8.0.0", versionType: "semver", }, { lessThanOrEqual: "7.88.1", status: "affected", version: "7.88.1", versionType: "semver", }, { lessThanOrEqual: "7.88.0", status: "affected", version: "7.88.0", versionType: "semver", }, { lessThanOrEqual: "7.87.0", status: "affected", version: "7.87.0", versionType: "semver", }, { lessThanOrEqual: "7.86.0", status: "affected", version: "7.86.0", versionType: "semver", }, { lessThanOrEqual: "7.85.0", status: "affected", version: "7.85.0", versionType: "semver", }, { lessThanOrEqual: "7.84.0", status: "affected", version: "7.84.0", versionType: "semver", }, { lessThanOrEqual: "7.83.1", status: "affected", version: "7.83.1", versionType: "semver", }, { lessThanOrEqual: "7.83.0", status: "affected", version: "7.83.0", versionType: "semver", }, { lessThanOrEqual: "7.82.0", status: "affected", version: "7.82.0", versionType: "semver", }, { lessThanOrEqual: "7.81.0", status: "affected", version: "7.81.0", versionType: "semver", }, { lessThanOrEqual: "7.80.0", status: "affected", version: "7.80.0", versionType: "semver", }, { lessThanOrEqual: "7.79.1", status: "affected", version: "7.79.1", versionType: "semver", }, { lessThanOrEqual: "7.79.0", status: "affected", version: "7.79.0", versionType: "semver", }, { lessThanOrEqual: "7.78.0", status: "affected", version: "7.78.0", versionType: "semver", }, { lessThanOrEqual: "7.77.0", status: "affected", version: "7.77.0", versionType: "semver", }, { lessThanOrEqual: "7.76.1", status: "affected", version: "7.76.1", versionType: "semver", }, { lessThanOrEqual: "7.76.0", status: "affected", version: "7.76.0", versionType: "semver", }, { lessThanOrEqual: "7.75.0", status: "affected", version: "7.75.0", versionType: "semver", }, { lessThanOrEqual: "7.74.0", status: "affected", version: "7.74.0", versionType: "semver", }, { lessThanOrEqual: "7.73.0", status: "affected", version: "7.73.0", versionType: "semver", }, { lessThanOrEqual: "7.72.0", status: "affected", version: "7.72.0", versionType: "semver", }, { lessThanOrEqual: "7.71.1", status: "affected", version: "7.71.1", versionType: "semver", }, { lessThanOrEqual: "7.71.0", status: "affected", version: "7.71.0", versionType: "semver", }, { lessThanOrEqual: "7.70.0", status: "affected", version: "7.70.0", versionType: "semver", }, { lessThanOrEqual: "7.69.1", status: "affected", version: "7.69.1", versionType: "semver", }, { lessThanOrEqual: "7.69.0", status: "affected", version: "7.69.0", versionType: "semver", }, { lessThanOrEqual: "7.68.0", status: "affected", version: "7.68.0", versionType: "semver", }, { lessThanOrEqual: "7.67.0", status: "affected", version: "7.67.0", versionType: "semver", }, { lessThanOrEqual: "7.66.0", status: "affected", version: "7.66.0", versionType: "semver", }, { lessThanOrEqual: "7.65.3", status: "affected", version: "7.65.3", versionType: "semver", }, { lessThanOrEqual: "7.65.2", status: "affected", version: "7.65.2", versionType: "semver", }, { lessThanOrEqual: "7.65.1", status: "affected", version: "7.65.1", versionType: "semver", }, { lessThanOrEqual: "7.65.0", status: "affected", version: "7.65.0", versionType: "semver", }, { lessThanOrEqual: "7.64.1", status: "affected", version: "7.64.1", versionType: "semver", }, { lessThanOrEqual: "7.64.0", status: "affected", version: "7.64.0", versionType: "semver", }, { lessThanOrEqual: "7.63.0", status: "affected", version: "7.63.0", versionType: "semver", }, { lessThanOrEqual: "7.62.0", status: "affected", version: "7.62.0", versionType: "semver", }, { lessThanOrEqual: "7.61.1", status: "affected", version: "7.61.1", versionType: "semver", }, { lessThanOrEqual: "7.61.0", status: "affected", version: "7.61.0", versionType: "semver", }, { lessThanOrEqual: "7.60.0", status: "affected", version: "7.60.0", versionType: "semver", }, { lessThanOrEqual: "7.59.0", status: "affected", version: "7.59.0", versionType: "semver", }, { lessThanOrEqual: "7.58.0", status: "affected", version: "7.58.0", versionType: "semver", }, { lessThanOrEqual: "7.57.0", status: "affected", version: "7.57.0", versionType: "semver", }, { lessThanOrEqual: "7.56.1", status: "affected", version: "7.56.1", versionType: "semver", }, { lessThanOrEqual: "7.56.0", status: "affected", version: "7.56.0", versionType: "semver", }, { lessThanOrEqual: "7.55.1", status: "affected", version: "7.55.1", versionType: "semver", }, { lessThanOrEqual: "7.55.0", status: "affected", version: "7.55.0", versionType: "semver", }, { lessThanOrEqual: "7.54.1", status: "affected", version: "7.54.1", versionType: "semver", }, { lessThanOrEqual: "7.54.0", status: "affected", version: "7.54.0", versionType: "semver", }, { lessThanOrEqual: "7.53.1", status: "affected", version: "7.53.1", versionType: "semver", }, { lessThanOrEqual: "7.53.0", status: "affected", version: "7.53.0", versionType: "semver", }, { lessThanOrEqual: "7.52.1", status: "affected", version: "7.52.1", versionType: "semver", }, { lessThanOrEqual: "7.52.0", status: "affected", version: "7.52.0", versionType: "semver", }, { lessThanOrEqual: "7.51.0", status: "affected", version: "7.51.0", versionType: "semver", }, { lessThanOrEqual: "7.50.3", status: "affected", version: "7.50.3", versionType: "semver", }, { lessThanOrEqual: "7.50.2", status: "affected", version: "7.50.2", versionType: "semver", }, { lessThanOrEqual: "7.50.1", status: "affected", version: "7.50.1", versionType: "semver", }, { lessThanOrEqual: "7.50.0", status: "affected", version: "7.50.0", versionType: "semver", }, { lessThanOrEqual: "7.49.1", status: "affected", version: "7.49.1", versionType: "semver", }, { lessThanOrEqual: "7.49.0", status: "affected", version: "7.49.0", versionType: "semver", }, { lessThanOrEqual: "7.48.0", status: "affected", version: "7.48.0", versionType: "semver", }, { lessThanOrEqual: "7.47.1", status: "affected", version: "7.47.1", versionType: "semver", }, { lessThanOrEqual: "7.47.0", status: "affected", version: "7.47.0", versionType: "semver", }, { lessThanOrEqual: "7.46.0", status: "affected", version: "7.46.0", versionType: "semver", }, { lessThanOrEqual: "7.45.0", status: "affected", version: "7.45.0", versionType: "semver", }, { lessThanOrEqual: "7.44.0", status: "affected", version: "7.44.0", versionType: "semver", }, { lessThanOrEqual: "7.43.0", status: "affected", version: "7.43.0", versionType: "semver", }, { lessThanOrEqual: "7.42.1", status: "affected", version: "7.42.1", versionType: "semver", }, { lessThanOrEqual: "7.42.0", status: "affected", version: "7.42.0", versionType: "semver", }, { lessThanOrEqual: "7.41.0", status: "affected", version: "7.41.0", versionType: "semver", }, { lessThanOrEqual: "7.40.0", status: "affected", version: "7.40.0", versionType: "semver", }, { lessThanOrEqual: "7.39.0", status: "affected", version: "7.39.0", versionType: "semver", }, { lessThanOrEqual: "7.38.0", status: "affected", version: "7.38.0", versionType: "semver", }, { lessThanOrEqual: "7.37.1", status: "affected", version: "7.37.1", versionType: "semver", }, { lessThanOrEqual: "7.37.0", status: "affected", version: "7.37.0", versionType: "semver", }, { lessThanOrEqual: "7.36.0", status: "affected", version: "7.36.0", versionType: "semver", }, { lessThanOrEqual: "7.35.0", status: "affected", version: "7.35.0", versionType: "semver", }, { lessThanOrEqual: "7.34.0", status: "affected", version: "7.34.0", versionType: "semver", }, { lessThanOrEqual: "7.33.0", status: "affected", version: "7.33.0", versionType: "semver", }, { lessThanOrEqual: "7.32.0", status: "affected", version: "7.32.0", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", value: "Dov Murik (Transmit Security)", }, { lang: "en", type: "remediation developer", value: "Stefan Eissing", }, ], descriptions: [ { lang: "en", value: "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", }, ], problemTypes: [ { descriptions: [ { description: "CWE-125 Out-of-bounds Read", lang: "en", }, ], }, ], providerMetadata: { dateUpdated: "2024-07-31T08:10:08.639Z", orgId: "2499f714-1537-4658-8207-48ae4bb9eae9", shortName: "curl", }, references: [ { name: "json", url: "https://curl.se/docs/CVE-2024-7264.json", }, { name: "www", url: "https://curl.se/docs/CVE-2024-7264.html", }, { name: "issue", url: "https://hackerone.com/reports/2629968", }, { url: "http://www.openwall.com/lists/oss-security/2024/07/31/1", }, ], title: "ASN.1 date parser overread", }, }, cveMetadata: { assignerOrgId: "2499f714-1537-4658-8207-48ae4bb9eae9", assignerShortName: "curl", cveId: "CVE-2024-7264", datePublished: "2024-07-31T08:08:14.585Z", dateReserved: "2024-07-30T08:04:22.389Z", dateUpdated: "2025-02-13T17:58:03.375Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.