Lucene search

K
mageiaGentoo FoundationMGASA-2023-0345
HistoryDec 13, 2023 - 9:32 p.m.

Updated curl packages fix security vulnerabilities

2023-12-1321:32:37
Gentoo Foundation
advisories.mageia.org
26
curl
mageia
security

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

AI Score

6.8

Confidence

Low

EPSS

0.001

Percentile

30.9%

The updated Curl Mageia 8 and 9 packages contain a patch to fix CVE-2023-46218 The Mageia 9 packages als contain a patch to fix CVE-2023-46219. Curl in Mageia 8 does not need that patch because it is not affected by that issue.

OSVersionArchitecturePackageVersionFilename
Mageia8noarchcurl< 7.74.0-1.15curl-7.74.0-1.15.mga8
Mageia9noarchcurl< 7.88.1-3.3curl-7.88.1-3.3.mga9

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

AI Score

6.8

Confidence

Low

EPSS

0.001

Percentile

30.9%