Lucene search

Basic search
Lucene search
Search by product

Vendors

Products

Gentoo FoundationGLSA-201903-03

HistoryMar 10, 2019 - 12:00 a.m.

cURL: Multiple vulnerabilities

2019-03-1000:00:00

Gentoo Foundation

security.gentoo.org

148

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.171 Low

EPSS

Percentile

96.0%

JSON

Background

A command line tool and library for transferring data with URLs.

Description

Multiple vulnerabilities have been discovered in cURL. Please review the CVE identifiers referenced below for details.

Impact

Remote attackers could cause a Denial of Service condition.

Workaround

There is no known workaround at this time.

Resolution

All cURL users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose "&gt;=net-misc/curl-7.64.0"

OSVersionArchitecturePackageVersionFilename
Gentooanyallnet-misc/curl< 7.64.0UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Gentoo	any	all	net-misc/curl	< 7.64.0	UNKNOWN

nessus 65

fedora 9

ibm 12

openvas 29

altlinux 3

suse 6

cloudfoundry 3

amazon 2

slackware 3

ubuntu 5

freebsd 2

osv 9

debian 5

archlinux 11

ics 1

photon 1

veracode 4

oraclelinux 1

redhat 4

debiancve 3

prion 4

hackerone 1

alpinelinux 3

redhatcve 4

ubuntucve 3

centos 2

cve 3

checkpoint_advisories 1

nessus

GLSA-201903-03 : cURL: Multiple vulnerabilities

2019-03-11 00:00:00

SUSE SLED12 / SLES12 Security Update : curl (SUSE-SU-2019:0339-1)

2019-02-13 00:00:00

Amazon Linux AMI : curl (ALAS-2019-1148)

2019-01-25 00:00:00

fedora

[SECURITY] Fedora 29 Update: curl-7.61.1-5.fc29

2018-11-17 05:17:14

[SECURITY] Fedora 29 Update: curl-7.61.1-4.fc29

2018-11-07 02:43:04

[SECURITY] Fedora 29 Update: curl-7.61.1-8.fc29

2019-02-12 02:58:21

ibm

Security Bulletin: IBM Event Streams is affected by cURL vulnerabilities

2018-12-17 16:15:01

Security Bulletin: A security vulnerability has been identified in Red Hat® Enterprise Linux (RHEL) Server shipped with PurePower Integrated Manager (PPIM)

2019-12-20 08:47:33

Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by vulnerabilities in cURL (CVE-2018-14618 CVE-2018-16840 CVE-2018-16842)

2023-12-07 22:45:03

openvas

openSUSE: Security Advisory for curl (openSUSE-SU-2018:3706-1)

2018-11-10 00:00:00

Ubuntu Update for curl USN-3805-1

2018-11-01 00:00:00

Fedora Update for curl FEDORA-2018-7785911c9e

2019-05-07 00:00:00

altlinux

Security fix for the ALT Linux 8 package curl version 7.62.0-alt1

2018-10-31 00:00:00

Security fix for the ALT Linux 8 package curl version 7.64.0-alt1

2019-02-08 00:00:00

Security fix for the ALT Linux 8 package curl version 7.61.1-alt1

2018-09-09 00:00:00

suse

Security update for curl (moderate)

2018-11-10 00:22:19

Security update for curl (moderate)

2018-11-10 00:16:25

Security update for curl (important)

2019-02-14 00:00:00

cloudfoundry

USN-3805-1: curl vulnerabilities | Cloud Foundry

2018-11-20 00:00:00

USN-3882-1: curl vulnerabilities | Cloud Foundry

2019-02-15 00:00:00

USN-3765-1: curl vulnerability | Cloud Foundry

2018-09-27 00:00:00

amazon

Low: curl

2019-01-21 23:46:00

Medium: curl

2019-02-16 00:34:00

slackware

[slackware-security] curl

2018-11-01 00:03:28

[slackware-security] curl

2019-02-06 23:59:25

[slackware-security] curl

2018-09-06 07:45:09

ubuntu

curl vulnerabilities

2018-10-31 00:00:00

curl vulnerabilities

2019-02-06 00:00:00

curl vulnerability

2018-11-01 00:00:00

freebsd

curl -- multiple vulnerabilities

2018-10-31 00:00:00

curl -- multiple vulnerabilities

2019-02-07 00:00:00

osv

curl - security update

2018-11-02 00:00:00

curl - security update

2019-02-11 00:00:00

curl - security update

2019-02-06 00:00:00

debian

[SECURITY] [DSA 4331-1] curl security update

2018-11-02 20:16:42

[SECURITY] [DLA 1672-1] curl security update

2019-02-11 15:43:52

[SECURITY] [DSA 4386-1] curl security update

2019-02-06 22:36:32

archlinux

[ASA-201811-8] lib32-libcurl-compat: arbitrary code execution

2018-11-06 00:00:00

[ASA-201811-9] lib32-curl: arbitrary code execution

2018-11-06 00:00:00

[ASA-201811-7] lib32-libcurl-gnutls: arbitrary code execution

2018-11-06 00:00:00

ics

Siemens SINEMA Remote Connect (Update A)

2021-03-09 12:00:00

photon

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2019-2.0-0128

2019-02-13 00:00:00

veracode

Denial Of Service (DoS)

2021-07-05 07:11:04

Out-of-Bounds Read

2018-11-01 08:41:05

Use After Free

2024-01-19 07:58:05

oraclelinux

curl security and bug fix update

2019-11-14 00:00:00

redhat

(RHSA-2019:3701) Moderate: curl security and bug fix update

2019-11-05 20:52:39

(RHSA-2019:1543) Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 SP2 security update

2019-06-18 19:07:29

(RHSA-2019:2181) Low: curl security and bug fix update

2019-08-06 08:10:38

debiancve

CVE-2018-16840

2018-10-31 18:29:00

CVE-2018-16842

2018-10-31 19:29:00

CVE-2018-16839

2018-10-31 18:29:00

prion

Buffer overflow

2018-10-31 18:29:00

Heap overflow

2018-10-31 18:29:00

Heap overflow

2018-10-31 19:29:00

hackerone

curl: Curl_auth_create_plain_message integer overflow leads to heap buffer overflow

2020-05-12 16:26:28

alpinelinux

CVE-2018-16839

2018-10-31 18:29:00

CVE-2018-16840

2018-10-31 18:29:00

CVE-2018-16842

2018-10-31 19:29:00

redhatcve

CVE-2018-16842

2018-10-31 07:21:47

CVE-2018-16839

2018-10-31 07:20:56

CVE-2018-16840

2018-10-31 07:22:38

ubuntucve

CVE-2018-16840

2018-10-31 00:00:00

CVE-2018-16839

2018-10-31 00:00:00

CVE-2018-16842

2018-10-31 00:00:00

centos

curl, libcurl security update

2019-07-31 13:37:28

curl, libcurl security update

2019-08-30 02:40:11

cve

CVE-2018-16839

2018-10-31 18:29:00

CVE-2018-16840

2018-10-31 18:29:00

CVE-2018-16842

2018-10-31 19:29:00

checkpoint_advisories

Haxx Libcurl NTLM Buffer Overflow (CVE-2019-3822)

2020-01-12 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.171 Low

EPSS

Percentile

96.0%

JSON

Related for GLSA-201903-03