Download
| Alert*
oval:org.secpod.oval:def:705586
curl: HTTP, HTTPS, and FTP client and client libraries curl could be made to expose sensitive information over the network. oval:org.secpod.oval:def:2003831 This CVE is missing description oval:org.secpod.oval:def:89050246 This update for curl fixes the following issues: - An application that performs multiple requests with libcurl"s multi API and sets the "CURLOPT_CONNECT_ONLY" option, might in rare circumstances experience that when subsequently using the setup connect-only transfer, libcurl will pick and use the wr ... oval:org.secpod.oval:def:118614 curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies, user+passwo ... oval:org.secpod.oval:def:118666 curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies, user+passwo ... oval:org.secpod.oval:def:89050370 This update for curl fixes the following issues: - An application that performs multiple requests with libcurl"s multi API and sets the "CURLOPT_CONNECT_ONLY" option, might in rare circumstances experience that when subsequently using the setup connect-only transfer, libcurl will pick and use the wr ... oval:org.secpod.oval:def:1601212 A flaw was found in libcurl from versions 7.29.0 through 7.71.1. An application that performs multiple requests with libcurl"s multi API, and sets the `CURLOPT_CONNECT_ONLY` option, might experience libcurl using the wrong connection. The highest threat from this vulnerability is to data confidentia ... oval:org.secpod.oval:def:89000545 This update for curl fixes the following issues: - An application that performs multiple requests with libcurl"s multi API and sets the "CURLOPT_CONNECT_ONLY" option, might in rare circumstances experience that when subsequently using the setup connect-only transfer, libcurl will pick and use the wr ... oval:org.secpod.oval:def:67079 curl: HTTP, HTTPS, and FTP client and client libraries curl could be made to expose sensitive information over the network. oval:org.secpod.oval:def:506081 The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix: * curl: FTP PASV command response can cause curl to connect to arbitrary host * curl: Malicious FTP server can trigger stack ov ... oval:org.secpod.oval:def:1504906 [7.61.1-18] - http: send payload when authentication is done - curl: Inferior OCSP verification - libcurl: FTP wildcard stack overflow - curl: trusting FTP PASV responses [7.61.1-17] - validate an ssl connection using an intermediate certificate [7.61.1-16] - fix multiarch conflicts in libcurl ... oval:org.secpod.oval:def:705797 curl: HTTP, HTTPS, and FTP client and client libraries Several security issues were fixed in curl. oval:org.secpod.oval:def:71227 Multiple vulnerabilities were discovered in cURL, an URL transfer library: CVE-2020-8169 Marek Szlagor reported that libcurl could be tricked into prepending a part of the password to the host name before it resolves it, potentially leaking the partial password over the network and to the DNS server ... oval:org.secpod.oval:def:4501252 The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix: * curl: FTP PASV command response can cause curl to connect to arbitrary host * curl: Malicious FTP server can trigger stack ov ... oval:org.secpod.oval:def:73587 The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix: * curl: FTP PASV command response can cause curl to connect to arbitrary host * curl: Malicious FTP server can trigger stack ov ... oval:org.secpod.oval:def:2106586 Oracle Solaris 11 - ( CVE-2007-1562 ) oval:org.secpod.oval:def:89044437 This update for curl fixes the following issues: - CVE-2021-22898: TELNET stack contents disclosure - CVE-2021-22876: The automatic referer leaks credentials - CVE-2020-8286: Inferior OCSP verification - CVE-2020-8285: FTP wildcard stack overflow - CVE-2020-8284: Trusting FTP PASV responses - C ... oval:org.secpod.oval:def:605476 Multiple vulnerabilities were discovered in cURL, an URL transfer library: CVE-2020-8169 Marek Szlagor reported that libcurl could be tricked into prepending a part of the password to the host name before it resolves it, potentially leaking the partial password over the network and to the DNS server ... oval:org.secpod.oval:def:2500466 The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. oval:org.secpod.oval:def:1700695 A flaw was found in libcurl from versions 7.29.0 through 7.71.1. An application that performs multiple requests with libcurl"s multi API, and sets the `CURLOPT_CONNECT_ONLY` option, might experience libcurl using the wrong connection. The highest threat from this vulnerability is to data confidentia ... |