{"vulnerability": "CVE-2024-2511", "sightings": [{"uuid": "b212b1d2-616e-4542-b830-5bb643e22b26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2511", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-319-08", "content": "", "creation_timestamp": "2024-11-14T12:00:00.000000Z"}, {"uuid": "32e8b5e7-734a-431f-bd75-a69f52ef4655", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2511", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-319-06", "content": "", "creation_timestamp": "2024-11-14T12:00:00.000000Z"}, {"uuid": "ca0693e4-53cc-4475-bfe8-e244d7abab27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2511", "type": "seen", "source": "https://infosec.exchange/users/certvde/statuses/116045244707913659", "content": "", "creation_timestamp": "2026-02-10T07:51:51.376048Z"}, {"uuid": "52ca61a9-107f-4653-be07-371bf91eed5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2511", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-044-09", "content": "", "creation_timestamp": "2025-02-13T11:00:00.000000Z"}, {"uuid": "c897b452-80c5-48a6-83c3-a941902131c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2511", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9434", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-2511\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Issue summary: Some non-default TLS server configurations can cause unbounded\nmemory growth when processing TLSv1.3 sessions\n\nImpact summary: An attacker may exploit certain server configurations to trigger\nunbounded memory growth that would lead to a Denial of Service\n\nThis problem can occur in TLSv1.3 if the non-default SSL_OP_NO_TICKET option is\nbeing used (but not if early_data support is also configured and the default\nanti-replay protection is in use). In this case, under certain conditions, the\nsession cache can get into an incorrect state and it will fail to flush properly\nas it fills. The session cache will continue to grow in an unbounded manner. A\nmalicious client could deliberately create the scenario for this failure to\nforce a Denial of Service. It may also happen by accident in normal operation.\n\nThis issue only affects TLS servers supporting TLSv1.3. It does not affect TLS\nclients.\n\nThe FIPS modules in 3.2, 3.1 and 3.0 are not affected by this issue. OpenSSL\n1.0.2 is also not affected by this issue.\n\ud83d\udccf Published: 2024-04-08T13:51:12.349Z\n\ud83d\udccf Modified: 2025-03-28T19:21:08.630Z\n\ud83d\udd17 References:\n1. https://www.openssl.org/news/secadv/20240408.txt\n2. https://github.com/openssl/openssl/commit/e9d7083e241670332e0443da0f0d4ffb52829f08\n3. https://github.com/openssl/openssl/commit/7e4d731b1c07201ad9374c1cd9ac5263bdf35bce\n4. https://github.com/openssl/openssl/commit/b52867a9f618bb955bed2a3ce3db4d4f97ed8e5d\n5. https://github.openssl.org/openssl/extended-releases/commit/5f8d25770ae6437db119dfc951e207271a326640", "creation_timestamp": "2025-03-28T19:28:59.000000Z"}, {"uuid": "14b0d3aa-9533-441a-ae80-d6dc5b314dda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-25111", "type": "seen", "source": "https://bsky.app/profile/ctsd-gmbh.bsky.social/post/3mjwfpj3nkt2f", "content": "", "creation_timestamp": "2026-04-20T11:51:23.727100Z"}, {"uuid": "1bd54856-59a9-4f9a-a4ac-90e4f2ea6a5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-2511", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "5a227f68-4815-4ee5-a57e-162eccd72879", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2511", "type": "seen", "source": "https://t.me/itsec_news/4304", "content": "\u200b\u26a1\ufe0fOpenSSL 3.3.0: \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442-\u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u0439 \u0438 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u043d\u044b\u0435 API\n\n\ud83d\udcac \u041f\u043e\u0441\u043b\u0435 5 \u043c\u0435\u0441\u044f\u0446\u0435\u0432 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u0431\u044b\u043b\u0430 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u0430 \u043d\u043e\u0432\u0430\u044f \u0432\u0435\u0440\u0441\u0438\u044f \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 OpenSSL 3.3.0, \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0449\u0443\u044e \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u044e \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u043e\u0432 SSL/TLS \u0438 \u0448\u0438\u0440\u043e\u043a\u0438\u0439 \u0441\u043f\u0435\u043a\u0442\u0440 \u0430\u043b\u0433\u043e\u0440\u0438\u0442\u043c\u043e\u0432 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f. \u041f\u0435\u0440\u0438\u043e\u0434 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0438 OpenSSL 3.3 \u043f\u0440\u043e\u0434\u043b\u0438\u0442\u0441\u044f \u0434\u043e \u0430\u043f\u0440\u0435\u043b\u044f 2026 \u0433\u043e\u0434\u0430. \u0412 \u0442\u043e \u0436\u0435 \u0432\u0440\u0435\u043c\u044f, \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 OpenSSL \u2014 3.2, 3.1 \u0438 3.0 LTS \u2014 \u0431\u0443\u0434\u0443\u0442 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u043e \u043d\u043e\u044f\u0431\u0440\u044f 2025 \u0433\u043e\u0434\u0430, \u043c\u0430\u0440\u0442\u0430 2025 \u0433\u043e\u0434\u0430 \u0438 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044f 2026 \u0433\u043e\u0434\u0430 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u043e. \u0418\u0441\u0445\u043e\u0434\u043d\u044b\u0439 \u043a\u043e\u0434 \u043f\u0440\u043e\u0435\u043a\u0442\u0430 \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d \u043f\u043e\u0434 \u043b\u0438\u0446\u0435\u043d\u0437\u0438\u0435\u0439 Apache 2.0.\n\n\u041e\u0441\u043d\u043e\u0432\u043d\u044b\u0435 \u0438\u043d\u043d\u043e\u0432\u0430\u0446\u0438\u0438 \u0432 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0438 OpenSSL 3.3.0 \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u044e\u0442 \u043d\u043e\u0432\u044b\u0435 \u0433\u043e\u0440\u0438\u0437\u043e\u043d\u0442\u044b \u0432 \u0437\u0430\u0449\u0438\u0442\u0435 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442-\u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u0439. \u0420\u0435\u043b\u0438\u0437 \u043f\u0440\u0438\u0432\u043d\u043e\u0441\u0438\u0442 \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u043e \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u0439, \u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u043d\u0430 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0438 \u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.\n\n\u041d\u043e\u0432\u044b\u0435 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0440\u0430\u0431\u043e\u0442\u044b \u0441 QUIC:\n\n\u0414\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0430 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430 qlog, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0442\u044c QUIC-\u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u044f.\n\u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u043d\u044b API \u0434\u043b\u044f \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 \u0432\u0440\u0435\u043c\u0435\u043d\u0438 \u043f\u0440\u043e\u0441\u0442\u043e\u044f \u043f\u0440\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 QUIC, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0434\u043b\u044f \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u0438\u044f \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u043f\u043e\u0442\u043e\u043a\u043e\u0432.\n\u0412\u0432\u0435\u0434\u0435\u043d\u044b API, \u0434\u0435\u0430\u043a\u0442\u0438\u0432\u0438\u0440\u0443\u044e\u0449\u0438\u0435 \u043d\u0435\u044f\u0432\u043d\u0443\u044e \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0443 \u0441\u043e\u0431\u044b\u0442\u0438\u0439 QUIC \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0435 \u043e\u043f\u0440\u0430\u0448\u0438\u0432\u0430\u0442\u044c \u0440\u0430\u0437\u043c\u0435\u0440 \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0431\u0443\u0444\u0435\u0440\u0430 \u0437\u0430\u043f\u0438\u0441\u0438 \u043f\u043e\u0442\u043e\u043a\u0430 QUIC.\n\u041f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d SSL_write_ex2 \u0434\u043b\u044f \u043e\u043f\u0442\u0438\u043c\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0438 \u0443\u0441\u043b\u043e\u0432\u0438\u044f \u043e\u043a\u043e\u043d\u0447\u0430\u043d\u0438\u044f \u043f\u043e\u0442\u043e\u043a\u0430 \u043f\u0440\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 QUIC.\n\n\u0423\u043b\u0443\u0447\u0448\u0435\u043d\u0438\u044f \u0430\u043b\u0433\u043e\u0440\u0438\u0442\u043c\u043e\u0432 \u0438 API:\n\n\u0420\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u0430 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430 BLAKE2s \u0441 \u043d\u0430\u0441\u0442\u0440\u0430\u0438\u0432\u0430\u0435\u043c\u043e\u0439 \u0434\u043b\u0438\u043d\u043e\u0439 \u0432\u044b\u0432\u043e\u0434\u0430, \u0430\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u043d\u043e BLAKE2b.\n\u0414\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u044b API \u0434\u043b\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u0440\u0430\u0431\u043e\u0442\u044b \u0441 \u0432\u0440\u0435\u043c\u0435\u043d\u0435\u043c \u043d\u0430 32-\u0431\u0438\u0442\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 \u043f\u043e\u0441\u043b\u0435 2038 \u0433\u043e\u0434\u0430 \u0438 \u043d\u043e\u0432\u044b\u0435 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0434\u043b\u044f \u0440\u0430\u0431\u043e\u0442\u044b \u0441 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u0430\u043c\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u0438 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f.\n\u0420\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u044b \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 EVP_PKEY_fromdata \u0434\u043b\u044f \u0432\u044b\u0432\u043e\u0434\u0430 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u043e\u0432 CRT.\n\n\u041e\u043f\u0442\u0438\u043c\u0438\u0437\u0430\u0446\u0438\u0438 \u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c:\n\n\u041f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0430 \u043e\u043f\u0442\u0438\u043c\u0438\u0437\u0430\u0446\u0438\u044f AES-GCM \u0438 \u0443\u043b\u0443\u0447\u0448\u0435\u043d\u0438\u044f \u0434\u043b\u044f ARM Neoverse, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0430\u043a\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u043d\u044b \u043e\u043f\u0442\u0438\u043c\u0438\u0437\u0430\u0446\u0438\u0438 \u0434\u043b\u044f Apple Silicon M3.\n\u0414\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0430 \u0430\u0441\u0441\u0435\u043c\u0431\u043b\u0435\u0440\u0441\u043a\u0430\u044f \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u044f md5 \u0434\u043b\u044f loongarch64 \u0438 \u0432\u0435\u043a\u0442\u043e\u0440\u043d\u044b\u0435 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u044f RISC-V \u0434\u043b\u044f \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u043a\u0440\u0438\u043f\u0442\u043e\u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0444\u0443\u043d\u043a\u0446\u0438\u0439.\n\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u044b \u043d\u043e\u0432\u044b\u0435 \u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0434\u043b\u044f \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0432\u0430\u0439\u0434\u0435\u0440\u043e\u0432 \u0438 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u043e \u043f\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u0435 \u0432 \u043e\u0442\u0432\u0435\u0442 \u043d\u0430 HTTP-\u0437\u0430\u043f\u0440\u043e\u0441\u044b \u0434\u043b\u044f \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u0443\u0441\u0442\u043e\u0439\u0447\u0438\u0432\u043e\u0441\u0442\u0438 \u043a \u043e\u0448\u0438\u0431\u043a\u0430\u043c.\n\n\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c:\n\n\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0441 \u043d\u0435\u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u044b\u043c \u0443\u0432\u0435\u043b\u0438\u0447\u0435\u043d\u0438\u0435\u043c \u043f\u0430\u043c\u044f\u0442\u0438 \u043f\u0440\u0438 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0435 \u0441\u0435\u0441\u0441\u0438\u0439 \u0432 TLSv1.3, \u043e\u0431\u043e\u0437\u043d\u0430\u0447\u0435\u043d\u043d\u0430\u044f \u043a\u0430\u043a CVE-2024-2511.\n\u0412\u043d\u0435\u0441\u0435\u043d\u044b \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u0432 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0443 ASN1 \u0432\u0440\u0435\u043c\u0435\u043d\u0438 \u0438 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u044b \u043d\u043e\u0432\u044b\u0435 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u043d\u0430 HTTP-\u043e\u0442\u0432\u0435\u0442\u044b \u0434\u043b\u044f \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044f \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439.\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043d\u0435\u0441\u0435\u0442 \u0432 \u0441\u0435\u0431\u0435 \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0443\u043b\u0443\u0447\u0448\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u043e\u0432 \u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u0443\u043a\u0440\u0435\u043f\u043b\u044f\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c \u0438 \u0440\u0430\u0441\u0448\u0438\u0440\u044f\u044f \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0441\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u0445 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442-\u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u0439. \u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438, \u0437\u0430\u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0432 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u043d\u043e\u0432\u044b\u0445 \u0444\u0443\u043d\u043a\u0446\u0438\u0439, \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e QUIC, \u043c\u043e\u0433\u0443\u0442 \u043d\u0430\u0439\u0442\u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u0438 \u043f\u0440\u0438\u043c\u0435\u0440\u044b \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0432 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u0439 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u0446\u0438\u0438 \u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\u0445.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2024-04-10T13:12:16.000000Z"}, {"uuid": "8129ef34-5c68-41a5-af19-721be102bf71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25110", "type": "seen", "source": "https://t.me/arpsyndicate/4890", "content": "#ExploitObserverAlert\n\nCVE-2024-25110\n\nDESCRIPTION: Exploit Observer has 10 entries in 5 file formats related to CVE-2024-25110. The UAMQP is a general purpose C library for AMQP 1.0. During a call to open_get_offered_capabilities, a memory allocation may fail causing a use-after-free issue and if a client called it during connection communication it may cause a remote code execution. Users are advised to update the submodule with commit `30865c9c`. There are no known workarounds for this vulnerability.\n\nFIRST-EPSS: 0.000430000\nARPS-PRIORITY: 0.7568968", "creation_timestamp": "2024-04-26T05:42:33.000000Z"}, {"uuid": "68f6029f-7289-463f-a001-1fa90f66d8be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2511", "type": "seen", "source": "https://t.me/arpsyndicate/4432", "content": "#ExploitObserverAlert\n\nCVE-2024-2511\n\nDESCRIPTION: Exploit Observer has 2 entries in 1 file formats related to CVE-2024-2511. Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions  Impact summary: An attacker may exploit certain server configurations to trigger unbounded memory growth that would lead to a Denial of Service  This problem can occur in TLSv1.3 if the non-default SSL_OP_NO_TICKET option is being used (but not if early_data support is also configured and the default anti-replay protection is in use). In this case, under certain conditions, the session cache can get into an incorrect state and it will fail to flush properly as it fills. The session cache will continue to grow in an unbounded manner. A malicious client could deliberately create the scenario for this failure to force a Denial of Service. It may also happen by accident in normal operation.  This issue only affects TLS servers supporting TLSv1.3. It does not affect TLS clients.  The FIPS modules in 3.2, 3.1 and 3.0 are not affected by this issue. OpenSSL 1.0.2 is also not affected by this issue.\n\nFIRST-EPSS: 0.000000000", "creation_timestamp": "2024-04-10T11:29:13.000000Z"}, {"uuid": "4602c3c0-e73c-450d-ad45-2852c74d3080", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25114", "type": "seen", "source": "https://t.me/ctinow/205133", "content": "https://ift.tt/L1okFq9\nCVE-2024-25114", "creation_timestamp": "2024-03-11T23:27:02.000000Z"}, {"uuid": "4dbe2a69-4ec3-49b4-84a6-e07eceaa9f2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25117", "type": "seen", "source": "https://t.me/ctinow/206480", "content": "https://ift.tt/NmZldqs\nCVE-2024-25117 | dompdf php-svg-lib up to 0.5.1 parseCssStyle file inclusion", "creation_timestamp": "2024-03-13T09:11:52.000000Z"}, {"uuid": "e6a05b4a-ceab-497a-8b41-7b8b09c96365", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25114", "type": "seen", "source": "https://t.me/ctinow/205141", "content": "https://ift.tt/L1okFq9\nCVE-2024-25114", "creation_timestamp": "2024-03-11T23:27:16.000000Z"}, {"uuid": "3dbccc17-6248-4587-9a97-5e8822dc7736", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25111", "type": "seen", "source": "https://t.me/ctinow/201778", "content": "https://ift.tt/0FESJwP\nCVE-2024-25111", "creation_timestamp": "2024-03-06T20:36:16.000000Z"}, {"uuid": "3712ee69-d983-4bd1-ab54-722e81561dfc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25111", "type": "seen", "source": "https://t.me/ctinow/202163", "content": "https://ift.tt/BnyrNhT\nCVE-2024-25111", "creation_timestamp": "2024-03-07T07:46:05.000000Z"}, {"uuid": "eb67d050-915e-423a-aaf6-f46ee576e1fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25118", "type": "seen", "source": "https://t.me/ctinow/201082", "content": "https://ift.tt/VNYEORZ\nCVE-2024-25118 | TYPO3 Backend Forms information disclosure (GHSA-38r2-5695-334w)", "creation_timestamp": "2024-03-06T08:06:58.000000Z"}, {"uuid": "072fb3a0-10f8-4707-b867-0afa1977df91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25119", "type": "seen", "source": "https://t.me/ctinow/201081", "content": "https://ift.tt/ErpPKlT\nCVE-2024-25119 | TYPO3 Install Tool information disclosure (GHSA-h47m-3f78-qp9g)", "creation_timestamp": "2024-03-06T08:06:57.000000Z"}, {"uuid": "061c0c9e-5820-434a-a74e-afa76478f9c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25117", "type": "seen", "source": "https://t.me/ctinow/189899", "content": "https://ift.tt/GS5Zz3J\nCVE-2024-25117", "creation_timestamp": "2024-02-21T18:31:26.000000Z"}, {"uuid": "15959dd6-38b4-4860-bfa4-5e5a95b67b17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25113", "type": "seen", "source": "https://t.me/ctinow/187073", "content": "https://ift.tt/nLzPXWl\nCVE-2024-25113", "creation_timestamp": "2024-02-17T23:26:34.000000Z"}, {"uuid": "4084c540-918f-46e5-8b97-9c930c409fa4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25117", "type": "seen", "source": "https://t.me/ctinow/189913", "content": "https://ift.tt/GS5Zz3J\nCVE-2024-25117", "creation_timestamp": "2024-02-21T18:36:19.000000Z"}, {"uuid": "b01f2190-5706-4b54-bb2b-cd95f943804f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25113", "type": "seen", "source": "https://t.me/ctinow/187072", "content": "https://ift.tt/nLzPXWl\nCVE-2024-25113", "creation_timestamp": "2024-02-17T23:21:43.000000Z"}, {"uuid": "5e24336d-037f-498c-ac88-18104a6cb375", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25112", "type": "seen", "source": "https://t.me/ctinow/185263", "content": "https://ift.tt/ch8wDev\nCVE-2024-25112", "creation_timestamp": "2024-02-15T06:26:48.000000Z"}, {"uuid": "99ff6d28-d139-4b0e-ba05-e5d3cf00f096", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25112", "type": "seen", "source": "https://t.me/ctinow/183525", "content": "https://ift.tt/Cp5ahov\nCVE-2024-25112", "creation_timestamp": "2024-02-13T00:26:16.000000Z"}, {"uuid": "44c4d1fc-9834-49cd-bec6-44f944f27ab4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25119", "type": "seen", "source": "https://t.me/ctinow/184321", "content": "https://ift.tt/C8gGYnU\nCVE-2024-25119", "creation_timestamp": "2024-02-14T00:21:59.000000Z"}, {"uuid": "7638cba8-0fbe-4cc4-85ed-9e62efa018bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25118", "type": "seen", "source": "https://t.me/ctinow/184320", "content": "https://ift.tt/I21fdnc\nCVE-2024-25118", "creation_timestamp": "2024-02-14T00:21:58.000000Z"}, {"uuid": "9432edaa-3a64-4a8f-a2f9-44316ec02a94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25110", "type": "seen", "source": "https://t.me/ctinow/183416", "content": "https://ift.tt/G9SiVh6\nCVE-2024-25110", "creation_timestamp": "2024-02-12T21:22:22.000000Z"}]}