Re: CVE-2024-7264

2025-01-30 Thread Zac Todd via curl-library
On Wed, Jan 29, 2025 at 6:15 PM Daniel Stenberg wrote:
> You don't mention what OS you're on, nor where (inside which product)
> CrowdStrike identified this vulnerability.
> Your mention of 'dll' and the reddit link however makes me draw two
> conclusions: this is on Windows, this "warning" is no

Re: CVE-2024-7264

2025-01-28 Thread Daniel Stenberg via curl-library
On Wed, 29 Jan 2025, Zac Todd via curl-library wrote:
> I've recently had CVE-2024-7264 popping up in CrowdStrike as an open vulnerability, for a little context I have had very little to do with this curl stuff.

You don't mention what OS you're on, nor where (inside which produc

CVE-2024-7264

2025-01-28 Thread Zac Todd via curl-library
Hey all, I've recently had CVE-2024-7264 popping up in CrowdStrike as an open vulnerability, for a little context I have had very little to do with this curl stuff. I found this reddit post that was talking about it recently and was going to modify the scripts seatec-astonomy linked to reme

[SECURITY ADVISORY] curl: CVE-2024-7264 ASN.1 date parser overread

2024-07-31 Thread Daniel Stenberg via curl-library
ASN.1 date parser overread
==========================

Project curl Security Advisory, July 31st 2024 - [Permalink](https://curl.se/docs/CVE-2024-7264.html)

VULNERABILITY
-------------

libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time