Curl 7.74.0 < 8.10.1 Input Misinterpretation (CVE-2024-9681)

Language:

Version 1.4 Dec 13, 2024, 12:03 PM IAVM reference Plugin Feed: 202412131203
Version 1.3 Nov 26, 2024, 6:59 AM CVSS metrics ("CVSSv2 score" set to 6.1) CVSS metrics ("CVSSv2 vector" set to "CVSS2#AV:N/AC:H/Au:N/C:N/I:C/A:P") CVSS metrics ("CVSSv3 score" set to 6.5) CVSS metrics ("CVSSv3 vector" set to "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L") CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:POC/RL:OF/RC:C") CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:P/RL:O/RC:C") Exploit attributes ("Exploit available" set to "True") Exploit attributes ("Exploitability ease" changed from "No known exploits are available" to "Exploits are available") Plugin Feed: 202411260659
Version 1.2 Nov 11, 2024, 9:16 AM CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:U/RL:OF/RC:C") CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:U/RL:O/RC:C") Exploit attributes ("Exploit available" set to "False") Exploit attributes ("Exploitability ease" set to "No known exploits are available") Plugin Feed: 202411110916
Version 1.1 Nov 8, 2024, 11:13 AM New Plugin Feed: 202411081113

* Changelogs are generally available for changes made after Nov 1, 2022