49 matches found
Security Bulletin: Vulnerabilities exists in IBM Cloud Pak for Data System (CPDS 1.0) - Cyclops.
Summary Vulnerabilities exists in IBM Cloud Pak for Data System CPDS 1.0 - Cyclops addressed in 11.3.1.1. Vulnerability Details CVEID:CVE-2025-4878 DESCRIPTION: A vulnerability was found in libssh, where an uninitialized variable exists under certain conditions in the privatekeyfromfile function...
Advisory ROSA-SA-2025-2997
software: curl 8.7.1 OS: ROSA-CHROME unaffected versions = curl-8.7.1-4 affected versions curl-8.7.1-4 CVE-ID: CVE-2024-11053 BDU-ID: 2024-11106 CVE-Crit: CRITICAL CVE-DESC.: A vulnerability in the netrc file handler of the cURL command line utility is related to insufficient protection of servic...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2025-1870)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
TencentOS Server 4: curl (TSSA-2025:0009)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0009 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
Security Bulletin: AIX is vulnerable to sensitive information disclosure (CVE-2025-0167, CVE-2024-11053) and a denial of service (CVE-2024-9681) due to cURL libcurl
Summary Vulnerabilities in cURL libcurl could allow a remote attacker to obtain sensitive information CVE-2025-0167, CVE-2024-11053 or cause a denial of service CVE-2024-9681. AIX uses cURL libcurl as part of rsyslog, LV/PV encryption integration with HPCS and in Live Update for interacting with...
SUSE: Security Advisory (SUSE-SU-2024:4288-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Alibaba Cloud Linux 3 : 0038: mysql:8.0 (ALINUX3-SA-2025:0038)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2025:0038 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-11053: When asked to both use a...
Security Bulletin: Security vulnerabilities affect multiple packages shipped with IBM CICS TX Advanced.
Summary IBM CICS TX Advanced is impacted by security vulnerabilities found in packages GLib2.0, libxml2, glibc , krb5 Kerberos, libtasn1-6, Expat, OpenSSL, GnuTLS and curl. These are shipped as part of the product. Vulnerability Details CVEID:CVE-2024-12133 DESCRIPTION: A flaw in libtasn1 causes...
CVE-2024-11053 affecting package mysql for versions less than 8.0.41-1
CVE-2024-11053 affecting package mysql for versions less than 8.0.41-1. An upgraded version of the package is available that resolves this issue...
CVE-2024-11053 affecting package mysql for versions less than 8.0.41-1
CVE-2024-11053 affecting package mysql for versions less than 8.0.41-1. An upgraded version of the package is available that resolves this issue...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2025-1289)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2025-1290)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-11053 affecting package curl for versions less than 8.11.1-1
CVE-2024-11053 affecting package curl for versions less than 8.11.1-1. An upgraded version of the package is available that resolves this issue...
Linux Distros Unpatched Vulnerability : CVE-2024-11053
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When asked to both use a .netrc file for credentials and to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host...
Photon OS 5.0: Curl PHSA-2025-5.0-0479
An update of the curl package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0479. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
CVE-2024-11053 affecting package curl for versions less than 8.8.0-4
CVE-2024-11053 affecting package curl for versions less than 8.8.0-4. A patched version of the package is available...
Azure Linux 3.0 Security Update: cmake / curl / mysql (CVE-2024-11053)
The version of cmake / curl / mysql installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-11053 advisory. - When asked to both use a .netrc file for credentials and to follow HTTP redirects, curl could...
CVE-2024-11053 affecting package tensorflow for versions less than 2.16.1-7
CVE-2024-11053 affecting package tensorflow for versions less than 2.16.1-7. A patched version of the package is available...
SUSE-SU-2025:20106-1 Security update for curl
This update for curl fixes the following issues: - CVE-2024-11053: Fixed password leak used for the first host to the followed-to host under certain circumstances bsc1234068...
K000149485: cURL vulnerability CVE-2024-11053
Security Advisory Description When asked to both use a .netrc file for credentials and to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain circumstances. This flaw only manifests itself if the netrc file has an entry that matches th...