53 matches found
MiracleLinux 8 : curl-7.61.1-30.el8.3 (AXSA:2023-6337:12)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6337:12 advisory. curl: GSS delegation too eager connection re-use CVE-2023-27536 curl: IDN wildcard match may lead to Improper Cerificate Validation CVE-2023-28321...
Alibaba Cloud Linux 3 : 0112: curl (ALINUX3-SA-2023:0112)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2023:0112 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-27536: An authentication bypass...
Linux Distros Unpatched Vulnerability : CVE-2023-28321
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An improper certificate validation vulnerability exists in curl v8.1.0 in the way it supports matching of wildcard patterns when listed as Subject Alternative...
Photon OS 5.0: Cmake PHSA-2023-5.0-0035
An update of the cmake package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-5.0-0035. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
CBL Mariner 2.0 Security Update: rust / tensorflow / curl / mysql (CVE-2023-28321)
The version of rust / tensorflow / curl / mysql installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-28321 advisory. - An improper certificate validation vulnerability exists in curl v8.1.0 in the way ...
Security Bulletin: Vulnerabilities in libcurl, cURL and Linux Kernel might affect IBM Storage Copy Data Management
Summary IBM Storage Copy Data Management can be affected by vulnerabilities in libcurl, cURL and Linux Kernel. Vulnerabilities include an attacker could exploit these vulnerabilities to overflow a buffer and execute arbitrary code on the system, to insert cookies at will into a running program, t...
CVE-2023-28321 affecting package tensorflow for versions less than 2.16.1-1
CVE-2023-28321 affecting package tensorflow for versions less than 2.16.1-1. An upgraded version of the package is available that resolves this issue...
Security Bulletin: IBM Storage Ceph is vulnerable to Improper Certificate Validation in the RHEL UBI (CVE-2023-28321)
Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. CVE-2023-28321 This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. Vulnerability Details CVEID:CVE-2023-28321 DESCRIPTION: cURL libcurl could allow a remote attacker to bypass security...
Security Bulletin: IBM Storage Ceph is vulnerable to Improper Certificate Validation in the RHEL UBI (CVE-2023-28321)
Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. CVE-2023-28321 This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. Vulnerability Details CVEID: CVE-2023-28321 DESCRIPTION: cURL libcurl could allow a remote attacker to bypass security...
EulerOS Virtualization 3.0.6.0 : curl (EulerOS-SA-2023-3425)
According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An improper certificate validation vulnerability exists in curl v8.1.0 in the way it supports matching of wildcard patterns when...
EulerOS Virtualization 2.9.0 : curl (EulerOS-SA-2023-2979)
According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An improper certificate validation vulnerability exists in curl v8.1.0 in the way it supports matching of wildcard patterns when...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2023-3425)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Multiple publicly disclosed libcurl vulnerabilities affect IBM Safer Payments
Summary Libcurl is used by IBM Safer Payments as part of the AVRO support for Kafka. These vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2023-32001 DESCRIPTION: cURL libcurl could allow a remote authenticated attacker to bypass security restrictions, caused by a race...
CVE-2023-28321 affecting package mysql for versions less than 8.0.34-1
CVE-2023-28321 affecting package mysql for versions less than 8.0.34-1. An upgraded version of the package is available that resolves this issue...
Moderate: Red Hat Security Advisory: curl security update
An update for curl is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...
RHEL 8 : curl (RHSA-2023:6292)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:6292 advisory. The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTT...
[SECURITY] [DLA 3613-1] curl security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3613-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort October 11, 2023 https://wiki.debian.org/LTS -...
CVE-2023-28321 affecting package rust for versions less than 1.72.0-2
CVE-2023-28321 affecting package rust for versions less than 1.72.0-2. An upgraded version of the package is available that resolves this issue...
Ubuntu: Security Advisory (USN-6237-3)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 16.04 ESM / 18.04 ESM : curl vulnerabilities (USN-6237-3)
The remote Ubuntu 16.04 ESM / 18.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6237-3 advisory. USN-6237-1 fixed several vulnerabilities in curl. This update provides the corresponding updates for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and...