CVE-2024-29186 | brefphp bref up to 2.1.16 parseHeaderContent resource consumption (GHSA-j4hq-f63x-f39r)

Posted by Angelo Barbosa | Mar 22, 2024 | CVE

A vulnerability, which was classified as problematic, was found in brefphp bref up to 2.1.16. Affected is the function StreamedPart::parseHeaderContent. The manipulation leads to resource consumption.

This vulnerability is traded as CVE-2024-29186. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-29186 | brefphp bref up to 2.1.16 parseHeaderContent resource consumption (GHSA-j4hq-f63x-f39r)

Related Posts

CVE-2022-41737 | IBM Storage Scale Container Native Storage Access up to 5.1.7.0 improper authentication (XFDB-237811)

CVE-2024-2357 | Libreswan up to 4.12 IKEv2 Retransmit denial of service

CVE-2024-49990 | Linux Kernel up to 6.10.13/6.11.2 HDCP xe_gsc null pointer dereference (c940627857ee/7266a424b1e5/b4224f6bae38)

CVE-2024-3248 | Xpdf up to 4.05 Attachment stack-based overflow