Advisory ROSA-SA-2026-3234

software: curl 8.7.1 OS: ROSA-CHROME unaffected versions = curl-8.7.1-6 affected versions curl-8.7.1-6 CVE-ID: CVE-2025-14017 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: In multi-threaded LDAPS transfers in libcurl, changing TLS options in one thread changed them globally and could affect other...

Security update for curl

This update for curl fixes the following issues: CVE-2026-1965: bad reuse of HTTP Negotiate connection bsc1259362. CVE-2026-3783: token leak with redirect and netrc bsc1259363. CVE-2026-3784: wrong proxy connection reuse with credentials bsc1259364. Patch Instructions: To install this SUSE update...

SUSE SLES15 / openSUSE 15 Security Update : curl (SUSE-SU-2026:0885-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0885-1 advisory. - CVE-2026-1965: bad reuse of HTTP Negotiate connection bsc1259362. - CVE-2026-3783: token leak with redirect and net...

RLSA-2026:1350 Moderate: curl security update

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fixes: curl: libcurl: Curl out of bounds read for cookie path CVE-2025-9086 For more details about the security issues, including...

SUSE-SU-2026:20358-1 Security update for curl

This update for curl fixes the following issues: - CVE-2025-14017: Fixed broken TLS options for threaded LDAPS bsc1256105...

Security update for curl (moderate)

openSUSE security update: security update for curl ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20031-1 Rating: moderate References: bsc1255731 bsc1255732 bsc1255733 bsc1255734 bsc1256105 Cross-References: CVE-2025-14017 CVE-2025-14524...

Security update for curl

This update for curl fixes the following issues: CVE-2025-14017: Fixed broken TLS options for threaded LDAPS bsc1256105. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command...

SUSE-SU-2026:0052-1 Security update for curl

This update for curl fixes the following issues: - CVE-2025-14524: bearer token leak on cross-protocol redirect bsc1255731. - CVE-2025-14819: libssh global knownhost override bsc1255732. - CVE-2025-15079: libssh key passphrase bypass without agent set bsc1255733. - CVE-2025-15224: OpenSSL partial...

DLA-4432-1 curl - security update

Bulletin has no description...

RHSA-2025:23127 Red Hat Security Advisory: curl security update

Bulletin has no description...

SUSE-SU-2025:21145-1 Security update for curl

This update for curl fixes the following issues: - CVE-2025-9086: Fixed Out of bounds read for cookie path bsc1249191 - CVE-2025-11563: Fixed wcurl path traversal with percent-encoded slashes bsc1253757 - CVE-2025-10148: Fixed predictable WebSocket mask bsc1249348 Other fixes: - tooloperate: fix...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : curl (SUSE-SU-2025:03198-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03198-1 advisory. Update to version 8.14.1 jscPED-13055, jscPED-13056. Security issues fixed: - CVE-2025-0665:...

curl security update

An update is available for curl. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The curl packages provide the libcurl library and the curl utility for downloadi...

SUSE-SU-2025:0372-1 Security update for curl

This update for curl fixes the following issues: - CVE-2025-0725: Fixed gzip integer overflow bsc1236590 - CVE-2025-0167: Fixed netrc and default credential leak bsc1236588...

Security update for curl

This update for curl fixes the following issues: CVE-2025-0725: Fixed gzip integer overflow bsc1236590 CVE-2025-0167: Fixed netrc and default credential leak bsc1236588 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...

SUSE-SU-2025:0370-1 Security update for curl

This update for curl fixes the following issues: - CVE-2025-0725: Fixed gzip integer overflow bsc1236590 - CVE-2025-0167: Fixed netrc and default credential leak bsc1236588...

SUSE-SU-2025:0369-1 Security update for curl

This update for curl fixes the following issues: - CVE-2025-0725: Fixed gzip integer overflow bsc1236590 - CVE-2025-0167: Fixed netrc and default credential leak bsc1236588...

Security update for curl

This update for curl fixes the following issues: Security issues fixed: CVE-2024-7264: ASN.1 date parser overread bsc1228535 CVE-2024-6197: Freeing stack buffer in utf8asn1str bsc1227888 CVE-2024-2379: QUIC certificate check bypass with wolfSSL bsc1221666 CVE-2024-2466: TLS certificate check bypa...

OESA-2025-1022 curl security update

cURL is a computer software project providing a library libcurl and command-line tool curl for transferring data using various protocols. Security Fixes: A vulnerability has been found in cURL Network Utility Software and classified as problematic. Affected by this vulnerability is an unknown cod...

SUSE-SU-2024:3927-2 Security update for curl

This update for curl fixes the following issues: - CVE-2024-9681: Fixed HSTS subdomain overwrites parent cache entry bsc1232528...