Z2

**Name of the Vulnerable Software and Affected Versions** libcurl versions prior to 8.0.0 Oracle MySQL versions 8.0.0 and earlier Oracle MySQL versions 8.4.0 and earlier Oracle MySQL versions 9.0.0 and earlier **Description** A flaw exists in the WebSocket code of libcurl where a malicious server can send a crafted packet, causing libcurl to enter an endless busy-loop. The application has no means to escape this loop other than terminating the thread or process, potentially leading to a denial-of-service (DoS) condition for applications using libcurl. This issue also affects Oracle MySQL through its dependency on libcurl within the Server:Packaging component. Successful exploitation can lead to a hang or frequent crashes of the MySQL Server. **Recommendations** libcurl versions prior to 8.0.0: Update to version 8.0.0 or later. Oracle MySQL versions 8.0.0 and earlier: Update to a version later than 8.0.0. Oracle MySQL versions 8.4.0 and earlier: Update to a version later than 8.4.0. Oracle MySQL versions 9.0.0 and earlier: Update to a version later than 9.0.0.

**Name of the Vulnerable Software and Affected Versions** libcurl (affected versions not specified) **Description** The issue is related to libcurl's ASN1 parser, specifically the `utf8asn1str()` function used for parsing an ASN.1 UTF-8 string. When an invalid field is detected, the function returns an error and invokes `free()` on a 4-byte local stack buffer. This can lead to the overwriting of nearby stack memory, with the content of the overwrite decided by the `free()` implementation, likely including memory pointers and a set of flags. The most likely outcome of exploiting this flaw is a crash, although more serious results cannot be ruled out in special circumstances. According to JFrog security researchers, the preconditions for vulnerability are more extensive than initially believed, making real-world exploitation very difficult. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** cURL (affected versions not specified) **Description** The issue is related to the `curl url get()` function in the cURL utility, which is used for Punycode conversions of IDN domains. When a name exactly 256 bytes is converted, it can cause the function to read outside a stack-based buffer, leading to potential information disclosure. This flaw can result in stack contents being returned as part of the converted string. The vulnerability may allow a remote attacker to cause a denial of service. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.