CVE-2023-27538 affecting package cmake for versions less than 3.21.4-13

CVE-2023-27538 affecting package cmake for versions less than 3.21.4-13. A patched version of the package is available...

CVE-2023-46218 affecting package cmake for versions less than 3.21.4-13

CVE-2023-46218 affecting package cmake for versions less than 3.21.4-13. A patched version of the package is available...

CVE-2023-27535 affecting package cmake for versions less than 3.21.4-13

CVE-2023-27535 affecting package cmake for versions less than 3.21.4-13. A patched version of the package is available...

CVE-2023-27536 affecting package cmake for versions less than 3.21.4-13

CVE-2023-27536 affecting package cmake for versions less than 3.21.4-13. A patched version of the package is available...

AZL-25786 CVE-2023-27538 affecting package cmake for versions less than 3.21.4-13

An authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH option was modified, which should have prevented reuse. libcurl maintains a pool of previously used connections to reuse them for subsequen...

AZL-13651 CVE-2023-23916 affecting package cmake for versions less than 3.21.4-13

An allocation of resources without limits or throttling vulnerability exists in curl v7.88.0 based on the "chained" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with differentalgorithms. The number of acceptable "links" in this...

AZL-13280 CVE-2022-43552 affecting package cmake for versions less than 3.21.4-13

A use after free vulnerability exists in curl 7.87.0. Curl can be asked to tunnel virtually all protocols it supports through an HTTP proxy. HTTP proxies can and often do deny such tunnel operations. When getting denied to tunnel the specific protocols SMB or TELNET, curl would use a heap-allocat...