Fedora: Security Advisory (FEDORA-2026-31c619152e)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2026-27135 affecting package cmake for versions less than 3.30.3-13

CVE-2026-27135 affecting package cmake for versions less than 3.30.3-13. A patched version of the package is available...

CVE-2026-27135 affecting package cmake for versions less than 3.21.4-23

CVE-2026-27135 affecting package cmake for versions less than 3.21.4-23. A patched version of the package is available...

Fedora: Security Advisory (FEDORA-2026-46d93351cd)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2025-10966 affecting package cmake for versions less than 3.21.4-22

CVE-2025-10966 affecting package cmake for versions less than 3.21.4-22. A patched version of the package is available...

CVE-2025-14524 affecting package cmake for versions less than 3.30.3-12

CVE-2025-14524 affecting package cmake for versions less than 3.30.3-12. A patched version of the package is available...

CVE-2025-10966 affecting package cmake for versions less than 3.30.3-12

CVE-2025-10966 affecting package cmake for versions less than 3.30.3-12. A patched version of the package is available...

CVE-2025-14017 affecting package cmake for versions less than 3.30.3-11

CVE-2025-14017 affecting package cmake for versions less than 3.30.3-11. A patched version of the package is available...

AZL-74207 CVE-2025-14524 affecting package cmake 3.30.3-11

When an OAuth2 bearer token is used for an HTTPS transfer, and that transfer performs a cross-protocol redirect to a second URL that uses an IMAP, LDAP, POP3 or SMTP scheme, curl might wrongly pass on the bearer token to the new target host...

CVE-2025-5917 affecting package cmake for versions less than 3.21.4-20

CVE-2025-5917 affecting package cmake for versions less than 3.21.4-20. A patched version of the package is available...

CVE-2025-5918 affecting package cmake for versions less than 3.21.4-20

CVE-2025-5918 affecting package cmake for versions less than 3.21.4-20. A patched version of the package is available...

Huawei EulerOS: Security Advisory for cmake (EulerOS-SA-2025-2496)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AZL-69766 CVE-2025-10966 affecting package cmake 3.21.4-21

curl's code for managing SSH connections when SFTP was done using the wolfSSH powered backend was flawed and missed host verification mechanisms. This prevents curl from detecting MITM attackers and more...

AZL-69748 CVE-2025-10966 affecting package cmake 3.30.3-11

curl's code for managing SSH connections when SFTP was done using the wolfSSH powered backend was flawed and missed host verification mechanisms. This prevents curl from detecting MITM attackers and more...

openSUSE Security Advisory (SUSE-SU-2025:3812-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2025:3812-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2025-9301 affecting package cmake for versions less than 3.21.4-19

CVE-2025-9301 affecting package cmake for versions less than 3.21.4-19. A patched version of the package is available...

AZL-67290 CVE-2025-10148 affecting package cmake for versions less than 3.30.3-10

curl's websocket code did not update the 32 bit mask pattern for each new outgoing frame as the specification says. Instead it used a fixed mask that persisted and was used throughout the entire connection. A predictable mask pattern allows for a malicious server to induce traffic between the two...

CVE-2025-4947 affecting package cmake for versions less than 3.30.3-7

CVE-2025-4947 affecting package cmake for versions less than 3.30.3-7. A patched version of the package is available...

AZL-63824 CVE-2025-5916 affecting package cmake for versions less than 3.21.4-20

A vulnerability has been identified in the libarchive library. This flaw involves an integer overflow that can be triggered when processing a Web Archive WARC file that claims to have more than INT64MAX - 4 content bytes. An attacker could craft a malicious WARC archive to induce this overflow,...