12 matches found
[SECURITY] Fedora 42 Update: cmake-3.31.11-1.fc42
CMake is used to control the software compilation process using simple platform and compiler independent configuration files. CMake generates native makefiles and workspaces that can be used in the compiler environment of your choice. CMake is quite sophisticated: it is possible to support comple...
Fedora: Security Advisory (FEDORA-2026-46d93351cd)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2025-14524 affecting package cmake for versions less than 3.21.4-22
CVE-2025-14524 affecting package cmake for versions less than 3.21.4-22. A patched version of the package is available...
Huawei EulerOS: Security Advisory for cmake (EulerOS-SA-2025-2476)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2025-9301
A vulnerability was determined in cmake 4.1.20250725-gb5cce23. This affects the function cmForEachFunctionBlocker::ReplayItems of the file cmForEachCommand.cxx. This manipulation causes reachable assertion. The attack needs to be launched locally. The exploit has been publicly disclosed and may b...
AZL-66557 CVE-2025-9301 affecting package cmake for versions less than 3.30.3-9
A vulnerability was determined in cmake 4.1.20250725-gb5cce23. This affects the function cmForEachFunctionBlocker::ReplayItems of the file cmForEachCommand.cxx. This manipulation causes reachable assertion. The attack needs to be launched locally. The exploit has been publicly disclosed and may b...
PT-2025-34220
Name of the Vulnerable Software and Affected Versions: cmake version 4.1.20250725-gb5cce23 Description: A reachable assertion issue exists in the cmForEachFunctionBlocker::ReplayItems function within the cmForEachCommand.cxx file. The issue is locally exploitable and has been publicly disclosed...
Azure Linux 3.0 Security Update: cmake / curl / mysql / rust / tensorflow (CVE-2022-43552)
The version of cmake / curl / mysql / rust / tensorflow installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-43552 advisory. - A use after free vulnerability exists in curl 7.87.0. Curl can be asked to...
Azure Linux 3.0 Security Update: fluent-bit / nghttp2 / nodejs / nodejs18 (CVE-2024-28182)
The version of fluent-bit / nghttp2 / nodejs / nodejs18 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-28182 advisory. - nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 ...
AZL-54219 CVE-2024-11053 affecting package cmake for versions less than 3.21.4-15
When asked to both use a .netrc file for credentials and to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain circumstances. This flaw only manifests itself if the netrc file has an entry that matches the redirect target hostname but...
AZL-37069 CVE-2024-2398 affecting package cmake for versions less than 3.21.4-14
When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit 1000, libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously allocated headers and instead lea...
AZL-13649 CVE-2023-23915 affecting package cmake for versions less than 3.21.4-5
A cleartext transmission of sensitive information vulnerability exists in curl v7.88.0 that could cause HSTS functionality to behave incorrectly when multiple URLs are requested in parallel. Using its HSTS support, curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP...