Lucene search
K

9 matches found

Positive Technologies
Positive Technologies
added 2026/04/19 12:0 a.m.12 views

PT-2026-33633

Name of the Vulnerable Software and Affected Versions Apache Kafka versions 4.1.0 through 4.1.1 Description An issue exists in the OAUTHBEARER authentication mechanism where the broker property sasl.oauthbearer.jwt.validator.class defaults to...

9.1CVSS5.7AI score0.00581EPSS
Exploits0References22
ATTACKERKB
ATTACKERKB
added 2026/04/16 11:33 p.m.11 views

CVE-2026-22734

Cloud Foundry UUA is vulnerable to a bypass that allows an attacker to obtain a token for any user and gain access to UAA-protected systems. This vulnerability exists when SAML 2.0 bearer assertions are enabled for a client, as the UAA accepts SAML 2.0 bearer assertions that are neither signed no...

8.6CVSS5.8AI score0.00364EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.7 views

MiracleLinux 8 : curl-7.61.1-22.el8.3 (AXSA:2022-3782:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3782:01 advisory. curl: OAUTH2 bearer bypass in connection re-use CVE-2022-22576 curl: credential leak on redirect CVE-2022-27774 curl: auth/cookie leak on redirect...

8.1CVSS6.8AI score0.03425EPSS
Exploits4References5
Tenable Nessus
Tenable Nessus
added 2022/07/01 12:0 a.m.71 views

RHEL 8 : curl (RHSA-2022:5313)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5313 advisory. The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTT...

8.1CVSS7AI score0.03425EPSS
Exploits4References11
Tenable Nessus
Tenable Nessus
added 2022/07/01 12:0 a.m.61 views

RHEL 9 : curl (RHSA-2022:5245)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5245 advisory. The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTT...

8.1CVSS7AI score0.03425EPSS
Exploits4References11
OSV
OSV
added 2022/06/30 12:0 a.m.34 views

ALSA-2022:5313 Moderate: curl security update

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fixes: curl: OAUTH2 bearer bypass in connection re-use CVE-2022-22576 curl: credential leak on redirect CVE-2022-27774 curl:...

8.1CVSS7.4AI score0.03425EPSS
Exploits4References10
OSV
OSV
added 2022/06/28 10:52 a.m.40 views

RLSA-2022:5313 Moderate: curl security update

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fixes: curl: OAUTH2 bearer bypass in connection re-use CVE-2022-22576 curl: credential leak on redirect CVE-2022-27774 curl:...

8.1CVSS7.5AI score0.03425EPSS
Exploits4References5
Slackware Linux
Slackware Linux
added 2022/04/27 9:48 p.m.52 views

[slackware-security] curl

New curl packages are available for Slackware 14.0, 14.1, 14.2, 15.0, and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/curl-7.83.0-i586-1slack15.0.txz: Upgraded. This update fixes security issues: OAUTH2 bearer bypass in connection...

8.1CVSS0.3AI score0.03425EPSS
Exploits4
FreeBSD
FreeBSD
added 2022/04/27 12:0 a.m.53 views

cURL -- Multiple vulnerabilities

The cURL project reports: OAUTH2 bearer bypass in connection re-use CVE-2022-22576 Credential leak on redirect CVE-2022-27774 Bad local IPv6 connection reuse CVE-2022-27775 Auth/cookie leak on redirect CVE-2022-27776...

8.1CVSS1.6AI score0.03425EPSS
Exploits4References1
Rows per page
Query Builder