TencentOS Server 3: curl (TSSA-2023:0089)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0089 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

TencentOS Server 2: curl (TSSA-2023:0311)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0311 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...

Azure Linux 3.0 Security Update: cmake / curl / mysql / rust / tensorflow (CVE-2022-43552)

The version of cmake / curl / mysql / rust / tensorflow installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-43552 advisory. - A use after free vulnerability exists in curl 7.87.0. Curl can be asked to...

CVE-2022-43552 affecting package mysql 8.0.32-1

CVE-2022-43552 affecting package mysql 8.0.32-1. No patch is available currently...

CVE-2022-43552 affecting package cmake 3.21.4-3

CVE-2022-43552 affecting package cmake 3.21.4-3. No patch is available currently...

Fedora 37 : curl (2022-d7ee33d4ad)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-d7ee33d4ad advisory. - smb/telnet: fix use-after-free when HTTP proxy denies tunnel CVE-2022-43552 - http: use the IDN decoded name in HSTS checks CVE-2022-43551 Tenable...

Security Bulletin: IBM® Engineering Requirements Management DOORS/DWA vulnerabilities addressed in 9.7.2.8

Summary Third party reported 'Stored XSS' and 'CSRF' issues, Apache Tomcat, Apache ActiveMQ, CKEditor, libcURL, xmlbeans, scala-library, json-smart, jna-platform, jackson-databind, commons-io, shiro-core, commons-net, snappy-java, xercesImpl are identified as vulnerable components with multiple...

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-2261)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-43552 affecting package tensorflow for versions less than 2.16.1-1

CVE-2022-43552 affecting package tensorflow for versions less than 2.16.1-1. An upgraded version of the package is available that resolves this issue...

CentOS: Security Advisory for curl (CESA-2023:7743)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-20220304.480)

The version of AHV installed on the remote host is prior to 20220304.480. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-20220304.480 advisory. - An issue in Zen 2 CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially...

Security Bulletin: IBM Storage Ceph is vulnerable to Use After Free in RHEL (CVE-2022-43552 )

Summary RHEL is used by IBM Storage Ceph as the base operating system. CVE-2022-43552 This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. Vulnerability Details CVEID:CVE-2022-43552 DESCRIPTION: cURL libcurl is vulnerable to a denial of service, caused by a...

Moderate: Red Hat Security Advisory: curl security and bug fix update

An update for curl is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...

Security Bulletin: IBM Storage Ceph is vulnerable to Use After Free in RHEL (CVE-2022-43552 )

Summary RHEL is used by IBM Storage Ceph as the base operating system. CVE-2022-43552 This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. Vulnerability Details CVEID: CVE-2022-43552 DESCRIPTION: cURL libcurl is vulnerable to a denial of service, caused by a...

curl, libcurl security update

CentOS Errata and Security Advisory CESA-2023:7743 An update for curl is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

Low: Red Hat Security Advisory: curl security update

An update for curl is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

RHEL 7 : curl (RHSA-2023:7743)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:7743 advisory. The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, a...

CVE-2022-43552 affecting package rust for versions less than 1.72.0-2

CVE-2022-43552 affecting package rust for versions less than 1.72.0-2. An upgraded version of the package is available that resolves this issue...

Security Bulletin: Multiple vulnerabilities in cURL libcurl affect AIX

Summary Multiple vulnerabilities in cURL libcurl affect AIX. AIX uses cURL libcurl as part of LV/PV encryption integration with HPCS. Vulnerability Details CVEID:CVE-2022-43552 DESCRIPTION: cURL libcurl is vulnerable to a denial of service, caused by a use-after-free flaw when using an HTTP proxy...

EulerOS 2.0 SP5 : curl (EulerOS-SA-2023-2139)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A use after free vulnerability exists in curl 7.87.0. Curl can be asked to tunnel virtually all protocols it supports through an HTTP proxy. HTTP...