project harbor

Top products

The 15 most recently published vulnerabilities affecting project harbor.

• CVE-2023-7104SQLite SQLite3 make alltest sqlite3session.c sessionReadRecord heap-based overflow5.5Dec 25, 2023
• CVE-2023-5678Excessive time spent in DH check / generation with large Q parameter value5.3Nov 6, 2023
• CVE-2023-38545This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow that to resolve the address instead of ...9.8Oct 18, 2023
• CVE-2023-45853MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supporte...9.8Oct 14, 2023
• CVE-2023-5156Glibc: dos due to memory leak in getaddrinfo.c7.5Sep 25, 2023
• CVE-2023-4806Glibc: potential use-after-free in getaddrinfo()5.9Sep 18, 2023
• CVE-2023-38039When curl retrieves an HTTP response, it stores the incoming headers so that they can be accessed later via the libcurl headers API. However, curl did not have a limit in how many or how large hea...7.5Sep 15, 2023
• CVE-2023-4813Glibc: potential use-after-free in gaih_inet()5.9Sep 12, 2023
• CVE-2023-4807POLY1305 MAC implementation corrupts XMM registers on Windows7.8Sep 8, 2023
• CVE-2023-40217An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affects servers (such as HTTP servers) that use TLS client authen...5.3Aug 25, 2023
• CVE-2023-3817Excessive time spent checking DH q parameter value5.3Jul 31, 2023
• CVE-2023-3446Excessive time spent checking DH keys and parameters5.3Jul 19, 2023
• CVE-2021-33294In elfutils 0.183, an infinite loop was found in the function handle_symtab in readelf.c .Which allows attackers to cause a denial of service (infinite loop) via crafted file.5.5Jul 18, 2023
• CVE-2023-2975AES-SIV implementation ignores empty associated data entries5.3Jul 14, 2023
• CVE-2023-0767An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled. This vulnerability affects Firefox < 1...8.8Jun 2, 2023