63 matches found
TencentOS Server 3: curl (TSSA-2022:0200)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0200 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
BELL-CVE-2021-22925 CVE-2021-22925 does not affect BellSoft software
Bulletin has no description...
Ubuntu 16.04 ESM : curl vulnerabilities (USN-5894-1)
The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5894-1 advisory. Harry Sintonen and Tomas Hoger discovered that curl incorrectly handled TELNET connections when the -t option was used on the command line. Uninitialized...
SUSE CVE-2021-22925
curl supports the -t command line option, known as CURLOPTTELNETOPTIONSin libcurl. This rarely used option is used to send variable=content pairs toTELNET servers.Due to flaw in the option parser for sending NEWENV variables, libcurlcould be made to pass on uninitialized data from a stack based...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2023-1249)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 3.0.2.2 : curl (EulerOS-SA-2023-1249)
According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - curl before version 7.51.0 uses outdated IDNA 2003 standard to handle International Domain Names and this may lead users to...
Ubuntu: Security Advisory (USN-5021-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Siemens OpenSSL Affecting Industrial Products
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SINEMA Remote Connect Server Vulnerabilities: Multiple 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to escalate privileges, disclose...
EulerOS 2.0 SP3 : curl (EulerOS-SA-2022-1711)
According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this wa...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2022-1711)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Security Vulnerabilities affect IBM Cloud Private - curl (CVE-2021-22925)
Summary Security Vulnerabilities affect IBM Cloud Private - curl Vulnerability Details CVEID:CVE-2021-22925 DESCRIPTION: cURL libcurl could allow a remote attacker to obtain sensitive information, caused by a flaw in the option parser for sending NEWENV variables. By sniffing the network traffic,...
CVE-2021-22925 affecting package curl for versions less than 7.76.0-5
CVE-2021-22925 affecting package curl for versions less than 7.76.0-5. A patched version of the package is available...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2022-1116)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2022-1062)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 3.0.6.6 : curl (EulerOS-SA-2022-1116)
According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - curl 7.7 through 7.76.1 suffers from an information disclosure when the -t command line option, known as CURLOPTTELNETOPTIONS in...
Rocky Linux 8 : curl (RLSA-2021:4511)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2021:4511 advisory. - curl supports the -t command line option, known as CURLOPTTELNETOPTIONSin libcurl. This rarely used option is used to send variable=content pairs toTELNET...
AlmaLinux 8 : curl (ALSA-2021:4511)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:4511 advisory. - curl 7.1.1 to and including 7.75.0 is vulnerable to an Exposure of Private Personal Information to an Unauthorized Actor by leaking credentials in the...
Mageia: Security Advisory (MGASA-2021-0384)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CLSA-2022-1643198583 Fix of CVE: CVE-2021-22876, CVE-2021-22898, CVE-2021-22925
CVE-2021-22925: fix TELNET stack contents disclosure again - CVE-2021-22898: fix TELNET stack contents disclosure - CVE-2021-22876: prevent automatic referer from leaking credentials...
USN-5021-2: curl vulnerability
USN-5021-1 fixed vulnerabilities in curl. This update provides the corresponding updates for Ubuntu 16.04 ESM. Original advisory details: Harry Sintonen and Tomas Hoger discovered that curl incorrectly handled TELNET connections when the -t option was used on the command line. Uninitialized data...