CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-0518
https://notcve.org/view.php?id=CVE-2024-0518
Type confusion in V8 in Google Chrome prior to 120.0.6099.224 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) La confusión de tipos en V8 en Google Chrome anterior a 120.0.6099.224 permitía a un atacante remoto explotar potencialmente la corrupción del montón a través de una página HTML manipulada. • https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_16.html https://crbug.com/1507412 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IIUBRVICICWREJQUVT67RS7E4PVZQ5RS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TNN4SO5UI3U3Q6ASTVT6WMZ4723FYDLH • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2023-41075
https://notcve.org/view.php?id=CVE-2023-41075
A type confusion issue was addressed with improved checks. ... Se solucionó un problema de confusión de tipos con comprobaciones mejoradas. • https://support.apple.com/en-us/HT213670 https://support.apple.com/en-us/HT213673 https://support.apple.com/en-us/HT213675 https://support.apple.com/en-us/HT213676 https://support.apple.com/en-us/HT213677 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-41060
https://notcve.org/view.php?id=CVE-2023-41060
A type confusion issue was addressed with improved checks. ... Se solucionó un problema de confusión de tipos con comprobaciones mejoradas. • https://support.apple.com/en-us/HT213938 https://support.apple.com/en-us/HT213940 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 4.9EPSS: 0%CPEs: 8EXPL: 0CVE-2024-20662 – Windows Online Certificate Status Protocol (OCSP) Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-20662
Windows Online Certificate Status Protocol (OCSP) Information Disclosure Vulnerability Vulnerabilidad de divulgación de información de Online Certificate Status Protocol (OCSP) de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20662 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-51701 – @fastify-reply-from JSON Content-Type parsing confusion
https://notcve.org/view.php?id=CVE-2023-51701
fastify-reply-from is a Fastify plugin to forward the current HTTP request to another server. A reverse proxy server built with `@fastify/reply-from` could misinterpret the incoming body by passing an header `ContentType: application/json ; charset=utf-8`. This can lead to bypass of security checks. This vulnerability has been patched in '@fastify/reply-from` version 9.6.0. fastify-reply-from es un complemento de Fastify para reenviar la solicitud HTTP actual a otro servidor. Un servidor proxy inverso creado con `@fastify/reply-from` podría malinterpretar el cuerpo entrante al pasar un encabezado `ContentType: application/json; charset=utf-8`. • https://github.com/fastify/fastify-reply-from/releases/tag/v9.6.0 https://github.com/fastify/fastify-reply-from/security/advisories/GHSA-v2v2-hph8-q5xp • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •