Download
| Alert*
|
oval:org.secpod.oval:def:87035
The host is installed with Apple Mac OS 11 before 11.7.3, Apple Mac OS 12 before 12.6.3, or Apple Mac OS 13 before 13.1 and is prone to multiple vulnerabilities. The flaws are present in the application which fails to properly handle issues in unspecified vector. Successful exploitation leads to uns ... oval:org.secpod.oval:def:2600210 The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. oval:org.secpod.oval:def:507761 The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix: * curl: Incorrect handling of control code characters in cookies * curl: Use-after-free triggered by an HTTP proxy deny respons ... oval:org.secpod.oval:def:707693 curl: HTTP, HTTPS, and FTP client and client libraries curl could be denied access to a HTTP content if it recieved a specially crafted cookie. oval:org.secpod.oval:def:1506564 [7.76.1-23.el9_2.1] - fix FTP too eager connection reuse [7.76.1-23] - fix HTTP multi-header compression denial of service [7.76.1-22] - smb/telnet: fix use-after-free when HTTP proxy denies tunnel [7.76.1-21] - fix POST following PUT confusion [7.76.1-20] - control code in cookie denial of serv ... oval:org.secpod.oval:def:89047667 This update for curl fixes the following issues: - CVE-2022-32221: Fixed POST following PUT confusion . - CVE-2022-35252: Fixed a potential injection of control characters into cookies . oval:org.secpod.oval:def:89047564 This update for curl fixes the following issues: - CVE-2022-35252: Fixed a potential injection of control characters into cookies, which could be exploited by sister sites to cause a denial of service . oval:org.secpod.oval:def:124154 curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies, user+passwo ... oval:org.secpod.oval:def:2501083 The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. oval:org.secpod.oval:def:1506669 [7.76.1-23] - fix HTTP multi-header compression denial of service [7.76.1-22] - smb/telnet: fix use-after-free when HTTP proxy denies tunnel [7.76.1-21] - fix POST following PUT confusion [7.76.1-20] - control code in cookie denial of service oval:org.secpod.oval:def:507671 The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix: * curl: Incorrect handling of control code characters in cookies * curl: Use-after-free triggered by an HTTP proxy deny respons ... oval:org.secpod.oval:def:124205 curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies, user+passwo ... oval:org.secpod.oval:def:89046941 This update for curl fixes the following issues: - CVE-2022-35252: Fixed a potential injection of control characters into cookies, which could be exploited by sister sites to cause a denial of service . oval:org.secpod.oval:def:1506772 [7.61.1-30] - fix HTTP multi-header compression denial of service [7.61.1-29] - h2: lower initial window size to 32 MiB [7.61.1-28] - smb/telnet: fix use-after-free when HTTP proxy denies tunnel [7.61.1-27] - upon HTTP_1_1_REQUIRED, retry the request with HTTP/1.1 [7.61.1-26] - control code in c ... oval:org.secpod.oval:def:89047773 This update for curl fixes the following issues: - CVE-2022-35252: Fixed a potential injection of control characters into cookies . - CVE-2022-32221: Fixed POST following PUT confusion . oval:org.secpod.oval:def:3301333 SUSE Security Update: Security update for curl oval:org.secpod.oval:def:89047651 This update for curl fixes the following issues: - CVE-2022-35252: Fixed a potential injection of control characters into cookies, which could be exploited by sister sites to cause a denial of service . oval:org.secpod.oval:def:86642 curl: HTTP, HTTPS, and FTP client and client libraries curl could be denied access to a HTTP content if it recieved a specially crafted cookie. oval:org.secpod.oval:def:86185 The host is missing a security update according to Apple advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle multiple issues. On successful exploitation, a remote user may be able to cause unexpected app termination or arb ... oval:org.secpod.oval:def:1601594 A vulnerability was found in curl. This security flaw allows reusing OAUTH2-authenticated connections without properly ensuring that the connection was authenticated with the same credentials set for this transfer. This issue leads to an authentication bypass, either by mistake or by a malicious act ... oval:org.secpod.oval:def:1701061 A vulnerability was found in curl. This issue occurs because a malicious server can serve excessive amounts of `Set-Cookie:` headers in an HTTP response to curl, which stores all of them. This flaw leads to a denial of service, either by mistake or by a malicious actor. A vulnerability was found in ... oval:org.secpod.oval:def:87032 The host is missing a security update according to Apple advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle multiple issues. Successful exploitation allow attackers to execute arbitrary code, cause denial of service or di ... oval:org.secpod.oval:def:87031 The host is missing a security update according to Apple advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle multiple issues. Successful exploitation allow attackers to execute arbitrary code, cause denial of service or di ... oval:org.secpod.oval:def:2107329 Oracle Solaris 11 - ( CVE-2022-32207 ) oval:org.secpod.oval:def:19500155 A vulnerability was found in curl. This security flaw allows reusing OAUTH2-authenticated connections without properly ensuring that the connection was authenticated with the same credentials set for this transfer. This issue leads to an authentication bypass, either by mistake or by a malicious act ... |
