Lucene search
GoogleOSV:USN-6718-3HistoryApr 29, 2024 - 11:34 a.m.
curl vulnerabilities
2024-04-2911:34:42
Google
osv.dev
2
usn-6718-1
curl
ubuntu 24.04 lts
memory handling
denial of service
http/2
protocol misuse
USN-6718-1 fixed vulnerabilities in curl. This update provides the
corresponding updates for Ubuntu 24.04 LTS.
Original advisory details:
Dan Fandrich discovered that curl would incorrectly use the default set of
protocols when a parameter option disabled all protocols without adding
any, contrary to expectations. This issue only affected Ubuntu 23.10.
(CVE-2024-2004)
It was discovered that curl incorrectly handled memory when limiting the
amount of headers when HTTP/2 server push is allowed. A remote attacker
could possibly use this issue to cause curl to consume resources, leading
to a denial of service. (CVE-2024-2398)
Related
openvas
openvas
openSUSE: Security Advisory for curl (SUSE-SU-2024:1151-1)
2024-04-09 00:00:00
Fedora: Security Advisory for curl (FEDORA-2024-a09456b7a9)
2024-05-27 00:00:00
Fedora: Security Advisory for curl (FEDORA-2024-6dab59bd47)
2024-05-27 00:00:00
amazon
amazon
Medium: curl
2024-04-24 22:15:00
nessus
nessus
Amazon Linux 2 : curl (ALAS-2024-2526)
2024-04-30 00:00:00
Ubuntu 20.04 LTS / 22.04 LTS / 23.10 : curl vulnerabilities (USN-6718-1)
2024-03-27 00:00:00
fedora
fedora
[SECURITY] Fedora 39 Update: curl-8.2.1-5.fc39
2024-04-25 01:20:28
[SECURITY] Fedora 40 Update: curl-8.6.0-8.fc40
2024-04-19 21:41:45
ubuntu
ubuntu
curl vulnerabilities
2024-03-27 00:00:00
curl vulnerabilities
2024-04-29 00:00:00
curl vulnerability
2024-03-27 00:00:00
osv
osv
curl vulnerabilities
2024-03-27 11:43:38
HTTP/2 push headers memory-leak
2024-03-27 08:00:00
curl vulnerability
2024-03-27 14:59:43
cloudfoundry
cloudfoundry
USN-6718-1: curl vulnerabilities | Cloud Foundry
2024-05-02 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2024-4.0-0585
2024-03-27 00:00:00
Important Photon OS Security Update - PHSA-2024-5.0-0233
2024-03-27 00:00:00
Important Photon OS Security Update - PHSA-2024-3.0-0743
2024-03-27 00:00:00
cvelist
cvelist
CVE-2024-2398 HTTP/2 push headers memory-leak
2024-03-27 07:55:48
CVE-2024-2004 Usage of disabled protocol
2024-03-27 07:54:27
debiancve
debiancve
CVE-2024-2398
2024-03-27 08:15:41
CVE-2024-2004
2024-03-27 08:15:41
veracode
veracode
Memory Leakage
2024-04-06 00:29:16
Logic Error
2024-04-05 20:04:00
cgr
cgr
CVE-2024-2398 vulnerabilities
2024-05-19 03:07:16
CVE-2024-2004 vulnerabilities
2024-05-19 03:07:16
f5
f5
K000140029: libcurl vulnerability CVE-2024-2398
2024-06-18 00:00:00
wolfi
wolfi
CVE-2024-2398 vulnerabilities
2024-06-25 15:33:25
CVE-2024-2004 vulnerabilities
2024-06-25 15:33:25
mageia
mageia
Updated curl packages fix security vulnerabilities
2024-03-29 06:49:09
nvd
nvd
CVE-2024-2398
2024-03-27 08:15:41
CVE-2024-2004
2024-03-27 08:15:41
cve
cve
CVE-2024-2398
2024-03-27 08:15:41
CVE-2024-2004
2024-03-27 08:15:41
hackerone
hackerone
curl: CVE-2024-2398: HTTP/2 push headers memory-leak
2024-03-05 16:56:33
Internet Bug Bounty: CVE-2024-2398: HTTP/2 push headers memory-leak
2024-03-31 20:25:17
curl: CVE-2024-2004: Usage of disabled protocol
2024-02-21 19:56:12
alpinelinux
alpinelinux
CVE-2024-2398
2024-03-27 08:15:41
CVE-2024-2004
2024-03-27 08:15:41
ibm
ibm
ubuntucve
ubuntucve
CVE-2024-2398
2024-03-27 00:00:00
CVE-2024-2004
2024-03-27 00:00:00
redhatcve
redhatcve
CVE-2024-2398
2024-03-27 09:27:15
CVE-2024-2004
2024-03-27 09:26:45
slackware
slackware
[slackware-security] curl
2024-03-27 19:16:33
redhat
redhat
vulnrichment
vulnrichment
CVE-2024-2004 Usage of disabled protocol
2024-03-27 07:54:27
hp
hp
HP ThinPro 8.0 SP 9 Security Updates
2024-06-17 00:00:00