CVE-2022-43551

A vulnerability exists in curl 7.87.0 HSTS check that could be bypassed to trick it to keep using HTTP. Using its HSTS support, curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP step even when HTTP is provided in the URL. However, the HSTS mechanism could be bypasse...

[SECURITY] [DSA 4810-1] lxml security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4810-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 13, 2020 https://www.debian.org/security/faq -...