CVEs affecting projects tracked on Release Alert, from NVD & OSV.
CVE-2024-11148 — HIGH severity vulnerability | Release Alert
CVE-2024-11148
7.5
HIGHCVSS v3
Published
December 5, 2024
Affected
1 project
Assigned by
9119a7d8-5eab-497f-8521-727c672e3725
Severity scale
010
Description
In OpenBSD 7.4 before errata 006 and OpenBSD 7.3 before errata 020, httpd(8) is vulnerable to a NULL dereference when handling a malformed fastcgi request.
GitHubSource code pulled from OpenBSD for LibreSSL - this includes most of the library and supporting code. The place to contribute to this code is via the OpenBSD CVS tree. Please mail patches to [email protected], instead of submitting pull requests, since this tree is often rebased.