Download
| Alert*
oval:org.secpod.oval:def:122190
curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies, user+passwo ... oval:org.secpod.oval:def:122175 curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies, user+passwo ... oval:org.secpod.oval:def:89047392 This update for curl fixes the following issues: - CVE-2022-27776: Fixed auth/cookie leak on redirect - CVE-2022-27775: Fixed bad local IPv6 connection reuse - CVE-2022-22576: Fixed OAUTH2 bearer bypass in connection re-use oval:org.secpod.oval:def:1700911 A vulnerability was found in curl. This security flaw allows reusing OAUTH2-authenticated connections without properly ensuring that the connection was authenticated with the same credentials set for this transfer. This issue leads to an authentication bypass, either by mistake or by a malicious act ... oval:org.secpod.oval:def:2107738 Oracle Solaris 11 - ( CVE-2018-1000007 ) oval:org.secpod.oval:def:706438 curl: HTTP, HTTPS, and FTP client and client libraries Several security issues were fixed in curl. oval:org.secpod.oval:def:86456 curl: HTTP, HTTPS, and FTP client and client libraries Several security issues were fixed in curl. oval:org.secpod.oval:def:507372 The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix: * curl: bad local IPv6 connection reuse For more details about the security issue, including the impact, a CVSS score, acknowle ... oval:org.secpod.oval:def:2600085 The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. oval:org.secpod.oval:def:1506262 [7.76.1-19] - fix unpreserved file permissions - fix HTTP compression denial of service - fix FTP-KRB bad message verification [7.76.1-18] - fix too eager reuse of TLS and SSH connections [7.76.1-17] - fix leak of SRP credentials in redirects [7.76.1-16] - add missing tests to Makefile [7.76.1- ... oval:org.secpod.oval:def:5800074 The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix: * curl: bad local IPv6 connection reuse For more details about the security issue, including the impact, a CVSS score, acknowle ... oval:org.secpod.oval:def:88385 Multiple security vulnerabilities have been discovered in cURL, an URL transfer library. These flaws may allow remote attackers to obtain sensitive information, leak authentication or cookie header data or facilitate a denial of service attack. oval:org.secpod.oval:def:609036 Multiple security vulnerabilities have been discovered in cURL, an URL transfer library. These flaws may allow remote attackers to obtain sensitive information, leak authentication or cookie header data or facilitate a denial of service attack. oval:org.secpod.oval:def:19500155 A vulnerability was found in curl. This security flaw allows reusing OAUTH2-authenticated connections without properly ensuring that the connection was authenticated with the same credentials set for this transfer. This issue leads to an authentication bypass, either by mistake or by a malicious act ... |