Lucene search
K

223 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 3:50 a.m.3 views

SUSE CVE-2020-36183

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool...

8.1CVSS8AI score0.0489EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:46 a.m.5 views

SUSE CVE-2021-22139

Kibana versions before 7.12.1 contain a denial of service vulnerability was found in the webhook actions due to a lack of timeout or a limit on the request size. An attacker with permissions to create webhook actions could drain the Kibana host connection pool, making Kibana unavailable for all...

6.5CVSS6.7AI score0.00999EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:45 a.m.9 views

SUSE CVE-2021-22924

libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse, if one of them matches the setup.Due to errors in the logic, the config matching function did not take 'issuercert' into account and it compared the involved paths case insensitively,which could lead ...

5.4CVSS6.2AI score0.0627EPSS
Exploits1References86
SUSE CVE
SUSE CVE
added 2023/02/15 3:26 a.m.5 views

SUSE CVE-2022-27782

libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However, several TLS andSSH...

7.5CVSS7.4AI score0.02596EPSS
Exploits1References68
Tenable Nessus
Tenable Nessus
added 2022/12/15 12:0 a.m.74 views

HCL BigFix Multiple Vulnerabilities (KB0098998)

The version of HCL BigFix Client installed on the remote host is affected by multiple vulnerabilities, including the following: - An improper authentication vulnerability exists in the curl subcomponent which might allow reuse OAUTH2-authenticated connections without properly making sure that the...

8.1CVSS6.7AI score0.03425EPSS
Exploits3References6
Tenable Nessus
Tenable Nessus
added 2022/11/15 12:0 a.m.37 views

NewStart CGSL MAIN 6.02 : curl Multiple Vulnerabilities (NS-SA-2022-0083)

The remote NewStart CGSL host, running version MAIN 6.02, has curl packages installed that are affected by multiple vulnerabilities: - Due to use of a dangling pointer, libcurl 7.29.0 through 7.71.1 can use the wrong connection when sending data. CVE-2020-8231 - A malicious server can use the FTP...

7.5CVSS6.8AI score0.09917EPSS
Exploits8References19
Snyk
Snyk
added 2022/11/08 11:0 p.m.4 views

Information Exposure

Overview Affected versions of this package are vulnerable to Information Exposure. When a timeout occurs under a high load, it can cause incorrect data to be returned as the result of an asynchronously executed query. Notes: 1 This vulnerability only affects applications that communicate with...

5.8CVSS5.9AI score0.00747EPSS
Exploits0References2
Snyk
Snyk
added 2022/11/08 11:0 p.m.2 views

Information Exposure

Overview Affected versions of this package are vulnerable to Information Exposure. When a timeout occurs under a high load, it can cause incorrect data to be returned as the result of an asynchronously executed query. Notes: 1 This vulnerability only affects applications that communicate with...

5.8CVSS7.2AI score0.00747EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/09/24 12:0 a.m.105 views

EulerOS Virtualization 2.9.0 : curl (EulerOS-SA-2022-2377)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated...

8.1CVSS6.7AI score0.03425EPSS
Exploits4References5
Tenable Nessus
Tenable Nessus
added 2022/09/23 12:0 a.m.45 views

EulerOS Virtualization 2.9.1 : curl (EulerOS-SA-2022-2341)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated...

9.8CVSS6.8AI score0.3197EPSS
Exploits9References10
Tenable Nessus
Tenable Nessus
added 2022/09/14 12:0 a.m.50 views

EulerOS 2.0 SP9 : curl (EulerOS-SA-2022-2310)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - libcurl provides the CURLOPTCERTINFO option to allow applications torequest details to be returned about a server's certificate chain.Due to an...

9.8CVSS6.8AI score0.3197EPSS
Exploits5References6
Tenable Nessus
Tenable Nessus
added 2022/08/17 12:0 a.m.53 views

EulerOS 2.0 SP10 : curl (EulerOS-SA-2022-2238)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - libcurl provides the CURLOPTCERTINFO option to allow applications torequest details to be returned about a server's certificate chain.Due to an...

7.5CVSS6.7AI score0.02596EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2022/08/17 12:0 a.m.38 views

EulerOS 2.0 SP10 : curl (EulerOS-SA-2022-2251)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - libcurl provides the CURLOPTCERTINFO option to allow applications torequest details to be returned about a server's certificate chain.Due to an...

7.5CVSS6.7AI score0.02596EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2022/08/17 12:0 a.m.34 views

EulerOS 2.0 SP8 : curl (EulerOS-SA-2022-2217)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections...

8.1CVSS6.8AI score0.02596EPSS
Exploits3References4
Tenable Nessus
Tenable Nessus
added 2022/07/29 12:0 a.m.32 views

EulerOS 2.0 SP10 : curl (EulerOS-SA-2022-2128)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections...

8.1CVSS6.8AI score0.03425EPSS
Exploits4References5
OpenVAS
OpenVAS
added 2022/07/29 12:0 a.m.31 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2022-2153)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.3AI score0.03425EPSS
Exploits4References2
OpenVAS
OpenVAS
added 2022/07/29 12:0 a.m.27 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2022-2128)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.3AI score0.03425EPSS
Exploits4References2
Microsoft CVE
Microsoft CVE
added 2022/06/11 7:0 a.m.3 views

libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However several TLS andSSH settings were left out from the configuration match checks making themmatch too easily.

...

7.5CVSS6.8AI score0.02596EPSS
Exploits1
OSV
OSV
added 2022/06/02 2:15 p.m.3 views

DEBIAN-CVE-2022-27782

libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However, several TLS andSSH...

7.5CVSS6.6AI score0.02596EPSS
Exploits1References1
OSV
OSV
added 2022/06/02 2:15 p.m.4 views

ALPINE-CVE-2022-27782

libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However, several TLS andSSH...

7.5CVSS6.9AI score0.02596EPSS
Exploits1References1
Rows per page
Query Builder