Rocky Linux 9 : curl (RLSA-2022:6157)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:6157 advisory. - curl 7.84.0 supports chained HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with differen...

SUSE-SU-2023:4129-1 Security update for tomcat

This update for tomcat fixes the following issues: Tomcat was updated to version 9.0.82 jscPED-6376, jscPED-6377: - Security issues fixed: CVE-2023-41080: Avoid protocol relative redirects in FORM authentication. bsc1214666 CVE-2023-44487: Fix HTTP/2 Rapid Reset Attack. bsc1216182 - Update to...

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2023-2262)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Google Chrome 'HEIST' Vulnerabilities

Google Chrome might be prone to multiple vulnerabilities dubbed SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome";...

EulerOS Virtualization 3.0.6.0 : curl (EulerOS-SA-2023-2235)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow a...

EulerOS Virtualization 2.9.0 : curl (EulerOS-SA-2023-2014)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An allocation of resources without limits or throttling vulnerability exists in curl v7.88.0 based on the 'chained' HTTP compressio...

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2023-2014)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2023-1838)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2023-1862)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP9 : curl (EulerOS-SA-2023-1862)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An allocation of resources without limits or throttling vulnerability exists in curl v7.88.0 based on the 'chained' HTTP compression algorithms,...

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2023-1590)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP8 : curl (EulerOS-SA-2023-1590)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An allocation of resources without limits or throttling vulnerability exists in curl v7.88.0 based on the 'chained' HTTP compression algorithms,...

Oracle Linux 9 : curl (ELSA-2023-1701)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-1701 advisory. 7.76.1-19.el91.2 - fix HTTP multi-header compression denial of service CVE-2023-23916 Tenable has extracted the preceding description block directly from the...

Siemens SCALANCE XCM332 Allocation of Resources Without Limits or Throttling (CVE-2022-32206)

curl 7.84.0 supports chained HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable links in this decompression chain was unbounded, allowing a malicious server to insert a virtually unlimited...

SUSE SLES15 Security Update : curl (SUSE-SU-2023:1711-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:1711-1 advisory. - An allocation of resources without limits or throttling vulnerability exists in curl v7.88.0 based on the chained HTTP compression algorithms...

FreeBSD : curl -- multiple vulnerabilities (be233fc6-bae7-11ed-a4fb-080027f5fec9)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the be233fc6-bae7-11ed-a4fb-080027f5fec9 advisory. - A cleartext transmission of sensitive information vulnerability exists in curl v7.88.0 that...

Fedora 36 : curl (2023-94df30cbec)

The remote Fedora 36 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-94df30cbec advisory. - fix HTTP multi-header compression denial of service CVE-2023-23916 Tenable has extracted the preceding description block directly from the Fedora security...

CVE-2023-23916

An allocation of resources without limits or throttling vulnerability exists in curl v7.88.0 based on the "chained" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with differentalgorithms. The number of acceptable "links" in this...

CVE-2023-23916

An allocation of resources without limits or throttling vulnerability exists in curl v7.88.0 based on the "chained" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with differentalgorithms. The number of acceptable "links" in this...

Design/Logic Flaw

An allocation of resources without limits or throttling vulnerability exists in curl v7.88.0 based on the "chained" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with differentalgorithms. The number of acceptable "links" in this...