52 matches found
Moderate Photon OS Security Update - PHSA-2026-4.0-0941
Updates of 'curl' packages of Photon OS have been released...
Important Photon OS Security Update - PHSA-2025-5.0-0660
Updates of 'curl' packages of Photon OS have been released...
[slackware-security] curl
New curl packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/curl-8.14.0-i586-1slack15.0.txz: Upgraded. This update fixes security issues: No QUIC certificate pinning with wolfSSL. QUIC certificate...
RLSA-2024:5654 Moderate: curl security update
The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fixes: curl: HTTP/2 push headers memory-leak CVE-2024-2398 For more details about the security issues, including the impact, a CVS...
MGASA-2025-0123 Updated curl packages fix security vulnerabilities
When asked to use a .netrc file for credentials and to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain circumstances. The fix was included previously as part of MGAA-2025-0004...
Updated curl packages fix security vulnerabilities
When asked to use a .netrc file for credentials and to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain circumstances. The fix was included previously as part of MGAA-2025-0004...
Moderate Photon OS Security Update - PHSA-2025-4.0-0774
Updates of 'curl' packages of Photon OS have been released...
Linux Distros Unpatched Vulnerability : CVE-2018-1000120
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A buffer overflow exists in curl 7.12.3 to and including curl 7.58.0 in the FTP URL handling that allows an attacker to cause a denial of service or worse...
CVE-2025-0167 vulnerabilities
Vulnerabilities for packages: curl...
CVE-2025-0725 vulnerabilities
Vulnerabilities for packages: curl...
CVE-2025-0725 vulnerabilities
Vulnerabilities for packages: curl...
Updated curl packages fix security vulnerability
When asked to both use a .netrc file for credentials and to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain circumstances. This flaw only manifests itself if the netrc file has an entry that matches the redirect target hostname but...
MGASA-2024-0391 Updated curl packages fix security vulnerability
When asked to both use a .netrc file for credentials and to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain circumstances. This flaw only manifests itself if the netrc file has an entry that matches the redirect target hostname but...
MGASA-2024-0360 Updated curl packages fix security vulnerability
When curl is asked to use HSTS, the expiry time for a subdomain might overwrite a parent domain's cache entry, making it end sooner or later than otherwise intended. This affects curl using applications that enable HSTS and use URLs with the insecure HTTP:// scheme and perform transfers with host...
MGASA-2024-0099 Updated curl packages fix security vulnerabilities
CVE-2024-2004: Usage of disabled protocol If all protocols are disabled at run-time with none being added, curl/libcurl would still allow communication with the default set of allowed protocols, including some that are unencrypted. CVE-2024-2398: HTTP/2 push headers memory-leak A memory leak coul...
Important Photon OS Security Update - PHSA-2024-4.0-0585
Updates of 'curl' packages of Photon OS have been released...
Important Photon OS Security Update - PHSA-2024-3.0-0743
Updates of 'curl' packages of Photon OS have been released...
MGASA-2023-0288 Updated the curl packages to fix two security vulnerabilities
curl/libcurl is vulnerable to a heap buffer overflow in its SOCKS5 support that could be exploited by a remote web server when curl is configured to use a SOCKS5 proxy with remote hostname resolution. libcurl is vulnerable to a cookie injection attack where a local attacker can inject cookies int...
MGASA-2023-0263 Updated curl packages fix security vulnerability
TELNET option IAC injection. CVE-2023-27533 SFTP path resolving discrepancy. CVE-2023-27534 FTP too eager connection reuse. CVE-2023-27535 GSS delegation too eager connection re-use. CVE-2023-27536 HSTS double free. CVE-2023-27537 SSH connection too eager reuse still. CVE-2023-27538 UAF in SSH...
Oracle Linux 8 : curl (ELSA-2020-1792)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-1792 advisory. - double free due to subsequent call of realloc CVE-2019-5481 - fix heap buffer overflow in function tftpreceivepacket CVE-2019-5482 Tenable has...