Lucene search
OracleLinuxELSA-2020-1792HistoryMay 05, 2020 - 12:00 a.m.
curl security update
2020-05-0500:00:00
linux.oracle.com
12
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
[7.61.1-12]
- double free due to subsequent call of realloc() (CVE-2019-5481)
- fix heap buffer overflow in function tftp_receive_packet() (CVE-2019-5482)
- fix TFTP receive buffer overflow (CVE-2019-5436)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 8 | src | curl | < 7.61.1-12.el8 | curl-7.61.1-12.el8.src.rpm |
| oracle linux | 8 | aarch64 | curl | < 7.61.1-12.el8 | curl-7.61.1-12.el8.aarch64.rpm |
| oracle linux | 8 | aarch64 | libcurl | < 7.61.1-12.el8 | libcurl-7.61.1-12.el8.aarch64.rpm |
| oracle linux | 8 | aarch64 | libcurl-devel | < 7.61.1-12.el8 | libcurl-devel-7.61.1-12.el8.aarch64.rpm |
| oracle linux | 8 | aarch64 | libcurl-minimal | < 7.61.1-12.el8 | libcurl-minimal-7.61.1-12.el8.aarch64.rpm |
| oracle linux | 8 | src | curl | < 7.61.1-12.el8 | curl-7.61.1-12.el8.src.rpm |
| oracle linux | 8 | x86_64 | curl | < 7.61.1-12.el8 | curl-7.61.1-12.el8.x86_64.rpm |
| oracle linux | 8 | i686 | libcurl | < 7.61.1-12.el8 | libcurl-7.61.1-12.el8.i686.rpm |
| oracle linux | 8 | x86_64 | libcurl | < 7.61.1-12.el8 | libcurl-7.61.1-12.el8.x86_64.rpm |
| oracle linux | 8 | i686 | libcurl-devel | < 7.61.1-12.el8 | libcurl-devel-7.61.1-12.el8.i686.rpm |
Related
nessus
nessus
FreeBSD : curl -- multiple vulnerabilities (9fb4e57b-d65a-11e9-8a5f-e5c82b486287)
2019-09-16 00:00:00
Debian DSA-4633-1 : curl - security update
2020-02-25 00:00:00
CentOS 8 : curl (CESA-2020:1792)
2021-02-01 00:00:00
debian
debian
[SECURITY] [DSA 4633-1] curl security update
2020-02-24 19:45:52
[SECURITY] [DLA 1804-1] curl security update
2019-05-25 22:00:13
[SECURITY] [DLA 1917-1] curl security update
2019-09-13 08:18:00
openvas
openvas
Debian: Security Advisory for curl (DSA-4633-1)
2020-02-26 00:00:00
Fedora Update for curl FEDORA-2019-9e6357d82f
2019-09-18 00:00:00
openSUSE: Security Advisory for curl (openSUSE-SU-2019:2149-1)
2020-01-09 00:00:00
redhat
redhat
(RHSA-2020:1792) Moderate: curl security update
2020-04-28 09:16:55
(RHSA-2020:0250) Low: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP1 Security Update
2020-01-27 21:04:58
(RHSA-2021:0759) Moderate: curl security update
2021-03-09 08:47:34
freebsd
freebsd
curl -- multiple vulnerabilities
2019-09-11 00:00:00
curl -- multiple vulnerabilities
2019-05-22 00:00:00
gentoo
gentoo
cURL: Multiple vulnerabilities
2020-03-15 00:00:00
fedora
fedora
[SECURITY] Fedora 30 Update: curl-7.65.3-4.fc30
2019-09-18 00:56:35
[SECURITY] Fedora 31 Update: curl-7.66.0-1.fc31
2019-09-21 00:04:17
[SECURITY] Fedora 29 Update: curl-7.61.1-12.fc29
2019-09-29 02:22:57
mageia
mageia
Updated curl packages fix security vulnerabilities
2019-11-30 16:06:06
ibm
ibm
slackware
slackware
[slackware-security] curl
2019-09-12 05:20:08
[slackware-security] curl
2019-05-22 23:31:53
cloudfoundry
cloudfoundry
USN-4129-1: curl vulnerabilities | Cloud Foundry
2019-09-30 00:00:00
USN-3993-1: curl vulnerabilities | Cloud Foundry
2019-05-29 00:00:00
PXC Release update for April 2020 MySQL security patches | Cloud Foundry
2020-08-10 00:00:00
osv
osv
curl - security update
2020-02-24 00:00:00
CVE-2019-5481
2019-09-16 19:15:10
curl - security update
2019-05-25 00:00:00
suse
suse
Security update for curl (important)
2019-09-18 00:00:00
Security update for curl (important)
2019-09-24 00:00:00
Security update for curl (important)
2019-06-03 00:00:00
amazon
amazon
ubuntu
ubuntu
curl vulnerabilities
2019-09-11 00:00:00
curl vulnerability
2019-09-12 00:00:00
curl vulnerability
2019-05-22 00:00:00
hackerone
hackerone
curl: Heap buffer overflow in TFTP when using small blksize
2019-08-29 15:52:19
curl: krb5: double-free in read_data() after realloc() fail
2019-09-03 11:51:58
curl: Heap Buffer Overflow at lib/tftp.c
2019-04-29 18:08:38
ubuntucve
ubuntucve
debiancve
debiancve
prion
prion
redhatcve
redhatcve
veracode
veracode
Arbitrary Code Execution
2019-09-13 06:08:57
Heap-based Buffer Overflow
2019-05-27 03:15:11
Arbitrary Code Execution
2019-09-12 07:10:22
cve
cve
alpinelinux
alpinelinux
checkpoint_advisories
checkpoint_advisories
Haxx Curl Buffer Overflow (CVE-2019-5482)
2020-02-25 00:00:00
cURL and libcurl TFTP Heap Buffer Overflow (CVE-2019-5436)
2020-02-25 00:00:00
oraclelinux
oraclelinux
curl security update
2020-03-09 00:00:00
curl security update
2020-03-08 00:00:00
curl security and bug fix update
2020-04-06 00:00:00
symantec
symantec
curl/libcURL CVE-2019-5482 Heap Buffer Overflow Vulnerability
2019-08-31 00:00:00
centos
centos
curl, libcurl security update
2020-10-20 17:52:24
curl, libcurl security update
2020-04-08 17:51:50
archlinux
archlinux
[ASA-201905-12] libcurl-gnutls: arbitrary code execution
2019-05-31 00:00:00
[ASA-201905-16] curl: arbitrary code execution
2019-05-31 00:00:00
[ASA-201905-11] libcurl-compat: arbitrary code execution
2019-05-31 00:00:00
f5
f5
K55133295 : cURL and libcurl vulnerability CVE-2019-5436
2019-07-25 00:00:00
K41523201 : cURL vulnerability CVE-2019-5482
2020-12-23 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 8 package curl version 7.65.0-alt1
2019-05-24 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2019-0032
2019-10-04 00:00:00
Critical Photon OS Security Update - PHSA-2019-3.0-0032
2019-10-04 00:00:00
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related for ELSA-2020-1792