Download
| Alert*
|
oval:org.secpod.oval:def:88466
curl: HTTP, HTTPS, and FTP client and client libraries Several security issues were fixed in curl. oval:org.secpod.oval:def:5800102 The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix: * curl: HTTP compression denial of service * curl: Unpreserved file permissions * curl: FTP-KRB bad message verification For ... oval:org.secpod.oval:def:707458 curl: HTTP, HTTPS, and FTP client and client libraries Several security issues were fixed in curl. oval:org.secpod.oval:def:1701061 A vulnerability was found in curl. This issue occurs because a malicious server can serve excessive amounts of `Set-Cookie:` headers in an HTTP response to curl, which stores all of them. This flaw leads to a denial of service, either by mistake or by a malicious actor. A vulnerability was found in ... oval:org.secpod.oval:def:2600023 The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. oval:org.secpod.oval:def:88385 Multiple security vulnerabilities have been discovered in cURL, an URL transfer library. These flaws may allow remote attackers to obtain sensitive information, leak authentication or cookie header data or facilitate a denial of service attack. oval:org.secpod.oval:def:123191 curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies, user+passwo ... oval:org.secpod.oval:def:2107329 Oracle Solaris 11 - ( CVE-2022-32207 ) oval:org.secpod.oval:def:507122 The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix: * curl: HTTP compression denial of service * curl: Unpreserved file permissions * curl: FTP-KRB bad message verification For ... oval:org.secpod.oval:def:19500155 A vulnerability was found in curl. This security flaw allows reusing OAUTH2-authenticated connections without properly ensuring that the connection was authenticated with the same credentials set for this transfer. This issue leads to an authentication bypass, either by mistake or by a malicious act ... oval:org.secpod.oval:def:609036 Multiple security vulnerabilities have been discovered in cURL, an URL transfer library. These flaws may allow remote attackers to obtain sensitive information, leak authentication or cookie header data or facilitate a denial of service attack. oval:org.secpod.oval:def:122527 curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies, user+passwo ... oval:org.secpod.oval:def:89047740 This update for curl fixes the following issues: - CVE-2022-32205: Set-Cookie denial of service - CVE-2022-32206: HTTP compression denial of service - CVE-2022-32207: Unpreserved file permissions - CVE-2022-32208: FTP-KRB bad message verification oval:org.secpod.oval:def:3300521 SUSE Security Update: Security update for curl oval:org.secpod.oval:def:1505985 [7.76.1-14.el9_0.5] - fix unpreserved file permissions - fix HTTP compression denial of service - fix FTP-KRB bad message verification oval:org.secpod.oval:def:86017 The host is installed with Apple Mac OS before 13.0 and is prone to a multiple vulnerabilities. The flaws are present in the application, which fails to properly handle issues in curl. Successful exploitation could lead to unspecified impacts. oval:org.secpod.oval:def:85969 The host is missing a security update according to Apple advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle multiple issues. Successful exploitation allow attackers to execute arbitrary code, cause denial of service or di ... |
