17 matches found
Astra Linux - уязвимость в curl
libcurl provides the CURLOPTCERTINFO option to allow applications to request details about a server’s certificate chain. Due to a faulty function, a malicious server could cause libcurl, built with NSS, to get stuck in an endless busy-loop when attempting to retrieve that information...
EulerOS 2.0 SP10 : curl (EulerOS-SA-2022-2238)
According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - libcurl provides the CURLOPTCERTINFO option to allow applications torequest details to be returned about a server's certificate chain.Due to an...
EulerOS 2.0 SP10 : curl (EulerOS-SA-2022-2251)
According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - libcurl provides the CURLOPTCERTINFO option to allow applications torequest details to be returned about a server's certificate chain.Due to an...
EulerOS 2.0 SP8 : curl (EulerOS-SA-2022-2217)
According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections...
Ubuntu 16.04 ESM : curl vulnerabilities (USN-5499-1)
The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5499-1 advisory. Florian Kohnhuser discovered that curl incorrectly handled returning a TLS servers certificate chain details. A remote attacker could possibly use this...
CVE-2022-27781
libcurl provides the CURLOPTCERTINFO option to allow applications torequest details to be returned about a server's certificate chain.Due to an erroneous function, a malicious server could make libcurl built withNSS get stuck in a never-ending busy-loop when trying to retrieve thatinformation...
CVE-2022-27781
libcurl provides the CURLOPTCERTINFO option to allow applications torequest details to be returned about a server's certificate chain.Due to an erroneous function, a malicious server could make libcurl built withNSS get stuck in a never-ending busy-loop when trying to retrieve thatinformation...
DEBIAN-CVE-2022-27781
libcurl provides the CURLOPTCERTINFO option to allow applications torequest details to be returned about a server's certificate chain.Due to an erroneous function, a malicious server could make libcurl built withNSS get stuck in a never-ending busy-loop when trying to retrieve thatinformation...
CVE-2022-27781
CVE-2022-27781 affects libcurl builds using NSS; due to an erroneous function, a malicious server could cause libcurl to enter a never-ending busy-loop when retrieving certificate information, impacting availability. Affected advisories suggest upgrading curl/libcurl to a patched version (e.g., n...
CVE-2022-27781
libcurl provides the CURLOPTCERTINFO option to allow applications torequest details to be returned about a server's certificate chain.Due to an erroneous function, a malicious server could make libcurl built withNSS get stuck in a never-ending busy-loop when trying to retrieve thatinformation...
CVE-2022-27781
libcurl provides the CURLOPTCERTINFO option to allow applications torequest details to be returned about a server's certificate chain.Due to an erroneous function, a malicious server could make libcurl built withNSS get stuck in a never-ending busy-loop when trying to retrieve thatinformation...
CVE-2022-27781
libcurl provides the CURLOPTCERTINFO option to allow applications torequest details to be returned about a server's certificate chain.Due to an erroneous function, a malicious server could make libcurl built withNSS get stuck in a never-ending busy-loop when trying to retrieve thatinformation...
SUSE SLED15 / SLES15 Security Update : curl (SUSE-SU-2022:1870-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1870-1 advisory. - libcurl provides the CURLOPTCERTINFO option to allow applications torequest details to be returned about a...
SUSE SLES12 Security Update : curl (SUSE-SU-2022:1805-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1805-1 advisory. - libcurl provides the CURLOPTCERTINFO option to allow applications torequest details to be returned about a server's certificate...
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : curl vulnerabilities (USN-5412-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5412-1 advisory. Axel Chong discovered that curl incorrectly handled percent-encoded URL separators. A remote attacker could possibly use this iss...
CVE-2022-27781
libcurl provides the CURLOPTCERTINFO option to allow applications torequest details to be returned about a server's certificate chain.Due to an erroneous function, a malicious server could make libcurl built withNSS get stuck in a never-ending busy-loop when trying to retrieve thatinformation. Du...
Slackware Linux 14.0 / 14.1 / 14.2 / 15.0 / current curl Multiple Vulnerabilities (SSA:2022-131-01)
The version of curl installed on the remote host is prior to 7.83.1. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2022-131-01 advisory. - libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have...