MiracleLinux 3 : curl-7.15.5-16.AXS3 (AXSA:2013-417:02)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2013-417:02 advisory. cURL is a tool for getting files from HTTP, FTP, FILE, LDAP, LDAPS, DICT, TELNET and TFTP servers, using any of the supported protocols. cURL is designed to...

CVE-2025-15224

When doing SSH-based transfers using either SCP or SFTP, and asked to do public key authentication, curl would wrongly still ask and authenticate using a locally running SSH agent...

CVE-2025-13034

When using CURLOPTPINNEDPUBLICKEY option with libcurl or --pinnedpubkey with the curl tool,curl should check the public key of the server certificate to verify the peer. This check was skipped in a certain condition that would then make curl allow the connection without performing the proper chec...

MiracleLinux 7 : curl-7.29.0-25.0.1.el7.AXS7 (AXSA:2015-843:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2015-843:01 advisory. curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FIL...

MiracleLinux 7 : httpd24-nghttp2-1.7.1-7.el7, httpd24-curl-7.61.1-1.el7, httpd24-httpd-2.4.34-7.el7 (AXSA:2019-3739:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-3739:01 advisory. httpd: Improper handling of headers in modsession can allow a remote user to modify session data for CGI applications CVE-2018-1283 httpd: Out of...

MiracleLinux 4 : curl-7.19.7-37.AXS4.3 (AXSA:2014-397:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2014-397:01 advisory. cURL is a tool for getting files from HTTP, FTP, FILE, LDAP, LDAPS, DICT, TELNET and TFTP servers, using any of the supported protocols. cURL is...

MiracleLinux 3 : curl-7.15.5-17.AXS3 (AXSA:2013-534:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2013-534:01 advisory. cURL is a tool for getting files from HTTP, FTP, FILE, LDAP, LDAPS, DICT, TELNET and TFTP servers, using any of the supported protocols. cURL is designed to...

MiracleLinux 7 : nss-pem-1.0.3-5.el7, curl-7.29.0-51.el7 (AXSA:2019-3669:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-3669:01 advisory. curl: HTTP authentication leak in redirects CVE-2018-1000007 curl: FTP path trickery leads to NIL byte out of bounds write CVE-2018-1000120 curl: RT...

MiracleLinux 7 : curl-7.29.0-42.el7 (AXSA:2017-1909:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2017-1909:01 advisory. curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP,...

openSUSE 16 Security Update : curl (openSUSE-SU-2026:20031-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20031-1 advisory. This update for curl fixes the following issues: - CVE-2025-14017: broken TLS options for threaded LDAPS bsc1256105. - CVE-2025-14524: bearer...

MiracleLinux 4 : curl-7.19.7-36.AXS4 (AXSA:2013-429:02)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2013-429:02 advisory. cURL is a tool for getting files from HTTP, FTP, FILE, LDAP, LDAPS, DICT, TELNET and TFTP servers, using any of the supported protocols. cURL is designed to...

MiracleLinux 7 : curl-7.29.0-42.el7.1 (AXSA:2017-2424:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2017-2424:02 advisory. A buffer overrun flaw was found in the IMAP handler of libcurl. By tricking an unsuspecting user into connecting to a malicious IMAP server, an attacker coul...

MiracleLinux 4 : curl-7.19.7-53.AXS4 (AXSA:2017-1587:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2017-1587:01 advisory. cURL is a tool for getting files from HTTP, FTP, FILE, LDAP, LDAPS, DICT, TELNET and TFTP servers, using any of the supported protocols. cURL is designed to...

MiracleLinux 7 : curl-7.29.0-54.el7 (AXSA:2019-4060:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2019-4060:01 advisory. curl: Heap-based buffer over-read in the curl tool warning formatting CVE-2018-16842 Tenable has extracted the preceding description block directly from the...

MiracleLinux 4 : httpd24-nghttp2-1.7.1-7.AXS4, httpd24-curl-7.61.1-1.AXS4, httpd24-httpd-2.4.34-7.AXS4 (AXSA:2019-3745:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-3745:01 advisory. httpd: Improper handling of headers in modsession can allow a remote user to modify session data for CGI applications CVE-2018-1283 httpd: Out of...

SUSE-SU-2026:20358-1 Security update for curl

This update for curl fixes the following issues: - CVE-2025-14017: Fixed broken TLS options for threaded LDAPS bsc1256105...

EulerOS 2.0 SP10 : curl (EulerOS-SA-2026-1044)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : curl's code for managing SSH connections when SFTP was done using the wolfSSH powered backend was flawed and missed host verification mechanisms. Th...

EulerOS 2.0 SP12 : curl (EulerOS-SA-2026-1066)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : curl's code for managing SSH connections when SFTP was done using the wolfSSH powered backend was flawed and missed host verification mechanisms. Th...

EulerOS 2.0 SP12 : curl (EulerOS-SA-2026-1086)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : curl's code for managing SSH connections when SFTP was done using the wolfSSH powered backend was flawed and missed host verification mechanisms. Th...

Security update for curl (moderate)

openSUSE security update: security update for curl ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20031-1 Rating: moderate References: bsc1255731 bsc1255732 bsc1255733 bsc1255734 bsc1256105 Cross-References: CVE-2025-14017 CVE-2025-14524...