CVE-2024-10395
HIGHDescription
No proper validation of the length of user input in http_server_get_content_type_from_extension.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| zephyrproject | zephyr |
References
Frequently Asked Questions
What is CVE-2024-10395? +
How severe is CVE-2024-10395? +
What products are affected by CVE-2024-10395? +
How do I check if I'm vulnerable to CVE-2024-10395? +
Related Vulnerabilities
Calling the ungetwc function on a FILE stream with wide characters encoded in a character set that has overlaps between …
Multiple Cisco products are affected by a vulnerability in the Snort 3 HTTP Decoder that could allow an unauthenticated, remote …
A flaw was found in libsoup. The libsoup append_param_quoted() function may contain an overflow bug resulting in a buffer under-read.
c-ares is a C library for asynchronous DNS requests. `ares__read_line()` is used to parse local configuration files such as `/etc/resolv.conf`, …
OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, the Java TLS ioctl probe …
When the Global Pointer (GP) relative addressing is enabled (CONFIG_RISCV_GP=y), the gp reg points at 0x800 bytes past the start …