CBL Mariner 2.0 Security Update: tensorflow / rust / curl (CVE-2023-32001)

The version of tensorflow / rust / curl installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-32001 advisory. - Rejected reason: We issued this CVE pre-maturely, as we have subsequently realized that th...

CVE-2023-32001 affecting package tensorflow for versions less than 2.16.1-1

CVE-2023-32001 affecting package tensorflow for versions less than 2.16.1-1. An upgraded version of the package is available that resolves this issue...

openSUSE: Security Advisory for curl (SUSE-SU-2023:2891-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 2.11.1 : curl (EulerOS-SA-2023-3355)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Rejected reason: We issued this CVE pre-maturely, as we have subsequently realized that this issue points out a problem that there...

EulerOS Virtualization 2.11.0 : curl (EulerOS-SA-2023-3374)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Rejected reason: We issued this CVE pre-maturely, as we have subsequently realized that this issue points out a problem that there...

EulerOS 2.0 SP11 : curl (EulerOS-SA-2023-3003)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Rejected reason: We issued this CVE pre-maturely, as we have subsequently realized that this issue points out a problem that there really is no sa...

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2023-3355)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Multiple publicly disclosed libcurl vulnerabilities affect IBM Safer Payments

Summary Libcurl is used by IBM Safer Payments as part of the AVRO support for Kafka. These vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2023-32001 DESCRIPTION: cURL libcurl could allow a remote authenticated attacker to bypass security restrictions, caused by a race...

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2023-3026)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2023-3003)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-32001 affecting package rust for versions less than 1.72.0-2

CVE-2023-32001 affecting package rust for versions less than 1.72.0-2. An upgraded version of the package is available that resolves this issue...

CVE-2023-32001 affecting package curl for versions less than 8.2.1-1

CVE-2023-32001 affecting package curl for versions less than 8.2.1-1. An upgraded version of the package is available that resolves this issue...

Fedora 37 : curl (2023-189272bcce)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-189272bcce advisory. - libcurl can be told to save cookie, HSTS and/or alt-svc data to files. When doing this, it called stat followed by fopen in a way that made it vulnerable t...

CVE-2023-32001 vulnerabilities

Vulnerabilities for packages: curl...

CVE-2023-32001 vulnerabilities

Vulnerabilities for packages: curl...

BELL-CVE-2023-32001 CVE-2023-32001 does not affect BellSoft software

Bulletin has no description...

CVE-2023-32001

...

[SECURITY] [DSA 5460-1] curl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5460-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff July 26, 2023 https://www.debian.org/security/faq -...

Curl Arbitrary File Write 7.x >= 7.84.0 / 8.x <= 8.1.2 (CVE-2023-32001)

The version of Curl installed on the remote host is between 7.84.0 and 8.1.2. It is therefore affected by an arbitrary file write vulnerability. Curl can be told to save cookie, HSTS and/or alt-svc data to files. When doing this, it called stat followed by fopen in a way that made it vulnerable t...

Internet Bug Bounty: [curl] CVE-2023-32001: fopen race condition

CVE-2023-32001 is a vulnerability in the curl library that allowed for a race condition between the stat and fopen functions. This race condition could be exploited to trick users into overwriting protected files or to steal sensitive data, such as cookies. The vulnerability was fixed in a recent...