16 matches found
Astra Linux - уязвимость в curl
An authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH option was modified, which should have prevented reuse. libcurl maintains a pool of previously used connections to reuse them for subsequen...
EUVD-2023-31293
Malicious code in bioql PyPI...
MGASA-2023-0263 Updated curl packages fix security vulnerability
TELNET option IAC injection. CVE-2023-27533 SFTP path resolving discrepancy. CVE-2023-27534 FTP too eager connection reuse. CVE-2023-27535 GSS delegation too eager connection re-use. CVE-2023-27536 HSTS double free. CVE-2023-27537 SSH connection too eager reuse still. CVE-2023-27538 UAF in SSH...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2023-2510)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2023-2484)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2023:2228-1 Security update for curl
This update for curl fixes the following issues: - CVE-2023-28320: Fixed siglongjmp race condition bsc1211231. - CVE-2023-28321: Fixed IDN wildcard matching bsc1211232. - CVE-2023-28322: Fixed POST-after-PUT confusion bsc1211233. - CVE-2023-27533: Fixed TELNET option IAC injection bsc1209209. -...
EulerOS 2.0 SP10 : curl (EulerOS-SA-2023-1798)
According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability in input validation exists in curl 8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously...
AZL-38257 CVE-2023-27538 affecting package tensorflow for versions less than 2.16.1-1
An authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH option was modified, which should have prevented reuse. libcurl maintains a pool of previously used connections to reuse them for subsequen...
AZL-25786 CVE-2023-27538 affecting package cmake for versions less than 3.21.4-13
An authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH option was modified, which should have prevented reuse. libcurl maintains a pool of previously used connections to reuse them for subsequen...
AZL-25848 CVE-2023-27538 affecting package curl for versions less than 8.0.1-1
An authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH option was modified, which should have prevented reuse. libcurl maintains a pool of previously used connections to reuse them for subsequen...
AZL-25808 CVE-2023-27538 affecting package rust for versions less than 1.72.0-2
An authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH option was modified, which should have prevented reuse. libcurl maintains a pool of previously used connections to reuse them for subsequen...
CVE-2023-27538
An authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH option was modified, which should have prevented reuse. libcurl maintains a pool of previously used connections to reuse them for subsequen...
SUSE-SU-2023:1582-1 Security update for curl
This update for curl fixes the following issues: - CVE-2023-27533: Fixed TELNET option IAC injection bsc1209209. - CVE-2023-27534: Fixed SFTP path resolving discrepancy bsc1209210. - CVE-2023-27535: Fixed FTP too eager connection reuse bsc1209211. - CVE-2023-27536: Fixed GSS delegation too eager...
UBUNTU-CVE-2023-27538
An authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH option was modified, which should have prevented reuse. libcurl maintains a pool of previously used connections to reuse them for subsequen...
SUSE-SU-2022:2813-1 Security update for curl
This update for curl fixes the following issues: - CVE-2022-27781: Fixed an issue where curl will get stuck in an infinite loop when trying to retrieve details about a TLS server's certificate chain bnc1199223. - CVE-2022-27782: Fixed an issue where TLS and SSH connections would be reused even wh...
RLSA-2022:5313 Moderate: curl security update
The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fixes: curl: OAUTH2 bearer bypass in connection re-use CVE-2022-22576 curl: credential leak on redirect CVE-2022-27774 curl:...