MSA-21-0023: Recursion denial of service possible due to recursive cURL in file repository
The file repository's URL parsing required additional recursion handling to mitigate the risk of recursion denial of service.
Severity/Risk: | Serious |
Versions affected: | 3.11, 3.10 to 3.10.4, 3.9 to 3.9.7 and earlier unsupported versions |
Versions fixed: | 3.11.1, 3.10.5 and 3.9.8 |
Reported by: | 0xkasper |
CVE identifier: | CVE-2021-36395 |
Chang |