Lucene search
K

17 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.4 views

MiracleLinux 9 : curl-7.76.1-23.el9.1 (AXSA:2023-6065:09)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6065:09 advisory. curl: FTP too eager connection reuse CVE-2023-27535 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...

5.9CVSS8.2AI score0.01607EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.7 views

MiracleLinux 8 : curl-7.61.1-30.el8.2.ML.1 (AXSA:2023-6186:10)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6186:10 advisory. curl: FTP too eager connection reuse CVE-2023-27535 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...

5.9CVSS8.5AI score0.01607EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-31290

Malicious code in bioql PyPI...

5.9CVSS6.6AI score0.01607EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.6 views

Alibaba Cloud Linux 3 : 0056: curl (ALINUX3-SA-2023:0056)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2023:0056 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-27535: An authentication bypass...

5.9CVSS6.7AI score0.01607EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2024/01/19 10:5 p.m.35 views

Security Bulletin: IBM Storage Ceph is vulnerable to Improper Authentication in the RHEL UBI (CVE-2023-27535)

Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. CVE-2023-27535 This bulletin identifies the steps to take to address the vulnerability in RHEL. Vulnerability Details CVEID:CVE-2023-27535 DESCRIPTION: cURL libcurl could allow a remote attacker to bypass security...

5.9CVSS7.2AI score0.01607EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.51 views

EulerOS Virtualization 2.11.1 : curl (EulerOS-SA-2023-2719)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A vulnerability in input validation exists in curl 8.0 during communication using the TELNET protocol may allow an attacker to pass...

9.8CVSS7.2AI score0.02211EPSS
Exploits7References8
Tenable Nessus
Tenable Nessus
added 2023/11/09 12:0 a.m.57 views

NewStart CGSL MAIN 6.06 : curl Multiple Vulnerabilities (NS-SA-2023-0137)

The remote NewStart CGSL host, running version MAIN 6.06, has curl packages installed that are affected by multiple vulnerabilities: - When curl is used to retrieve and parse cookies from a HTTPS server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might mak...

7.7AI score0.02511EPSS
Exploits4References9
OSV
OSV
added 2023/09/24 10:16 p.m.34 views

MGASA-2023-0263 Updated curl packages fix security vulnerability

TELNET option IAC injection. CVE-2023-27533 SFTP path resolving discrepancy. CVE-2023-27534 FTP too eager connection reuse. CVE-2023-27535 GSS delegation too eager connection re-use. CVE-2023-27536 HSTS double free. CVE-2023-27537 SSH connection too eager reuse still. CVE-2023-27538 UAF in SSH...

9.8CVSS5.9AI score0.62246EPSS
Exploits11References17
Tenable Nessus
Tenable Nessus
added 2023/07/28 12:0 a.m.41 views

EulerOS Virtualization 2.10.1 : curl (EulerOS-SA-2023-2459)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A vulnerability in input validation exists in curl 8.0 during communication using the TELNET protocol may allow an attacker to pass...

9.8CVSS7.2AI score0.02195EPSS
Exploits5References6
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/22 5:22 p.m.104 views

Security Bulletin: IBM MQ is affected by vulnerabilities in libcURL (CVE-2023-23916, CVE-2023-27535)

Summary Multiple issues were identified within the libcurl library that affect IBM MQ. IBM MQ uses libcurl to provide HTTPURL functionality which is only used to download remote CCDT files and is not used to send or receive messages. Vulnerability Details CVEID:CVE-2023-23916 DESCRIPTION: cURL...

6.5CVSS7.9AI score0.01703EPSS
Exploits2Affected Software1
OSV
OSV
added 2023/05/17 7:59 a.m.8 views

SUSE-SU-2023:2228-1 Security update for curl

This update for curl fixes the following issues: - CVE-2023-28320: Fixed siglongjmp race condition bsc1211231. - CVE-2023-28321: Fixed IDN wildcard matching bsc1211232. - CVE-2023-28322: Fixed POST-after-PUT confusion bsc1211233. - CVE-2023-27533: Fixed TELNET option IAC injection bsc1209209. -...

9.8CVSS6.2AI score0.02658EPSS
Exploits10References22
RedHat Linux
RedHat Linux
added 2023/05/09 11:16 a.m.43 views

Moderate: Red Hat Security Advisory: curl security update

An update for curl is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

5.9CVSS6.7AI score0.01607EPSS
Exploits1References2
OSV
OSV
added 2023/04/14 4:59 p.m.8 views

CLSA-2023-1681491543 curl: Fix of 3 CVEs

CVE-2023-27533: prevent TELNET option from IAC injection - CVE-2023-27535: fix behavior when FTP too eager connection reuse - CVE-2023-27536: do not reuse connections with different GSS delegations...

9.8CVSS5.8AI score0.01993EPSS
Exploits3References1
Tenable Nessus
Tenable Nessus
added 2023/04/02 12:0 a.m.42 views

SUSE SLES15 Security Update : curl (SUSE-SU-2023:1711-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:1711-1 advisory. - An allocation of resources without limits or throttling vulnerability exists in curl v7.88.0 based on the chained HTTP compression algorithms...

9.8CVSS7.4AI score0.02195EPSS
Exploits6References19
Vulnrichment
Vulnrichment
added 2023/03/30 12:0 a.m.4 views

CVE-2023-27535

An authentication bypass vulnerability exists in libcurl 8.0.0 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. Previously created connections are kept in a connection pool for reuse if they match the current setup. However, certain...

7.6AI score0.01607EPSS
Exploits1References5
OSV
OSV
added 2023/03/27 2:47 p.m.6 views

USN-5964-2 curl vulnerabilities

USN-5964-1 fixed several vulnerabilities in curl. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: Harry Sintonen discovered that curl incorrectly handled certain TELNET connection options. Due to lack of proper input scrubbing,...

9.8CVSS6.8AI score0.01993EPSS
Exploits3References4
OSV
OSV
added 2023/03/27 8:31 a.m.10 views

SUSE-SU-2023:1582-1 Security update for curl

This update for curl fixes the following issues: - CVE-2023-27533: Fixed TELNET option IAC injection bsc1209209. - CVE-2023-27534: Fixed SFTP path resolving discrepancy bsc1209210. - CVE-2023-27535: Fixed FTP too eager connection reuse bsc1209211. - CVE-2023-27536: Fixed GSS delegation too eager...

9.8CVSS7.3AI score0.02195EPSS
Exploits5References11
Rows per page
Query Builder