EulerOS Virtualization 2.9.1 : curl (EulerOS-SA-2021-1596)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Vulnerability Summary for CVE-2020-8169CVE-2020-8169 - Vulnerability Summary for CVE-2020-8177CVE-2020-8177 - Expired pointer...

EulerOS Virtualization 3.0.6.6 : curl (EulerOS-SA-2021-1466)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match...

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2021-1466)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : curl vulnerabilities (USN-4665-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4665-1 advisory. Marc Aldorasi discovered that curl incorrectly handled the libcurl CURLOPTCONNECTONLY option. This could result in data being sen...

Debian DLA-2382-1 : curl security update

An issue has been found in curl, a command line tool for transferring data with URL syntax. In rare circumstances, when using the multi API of curl in combination with CURLOPTCONNECTONLY, the wrong connection might be used when transfering data later. For Debian 9 stretch, this problem has been...

openSUSE: Security Advisory for curl (openSUSE-SU-2020:1359-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE Security Update : curl (openSUSE-2020-1359)

This update for curl fixes the following issues : - An application that performs multiple requests with libcurl's multi API and sets the 'CURLOPTCONNECTONLY' option, might in rare circumstances experience that when subsequently using the setup connect-only transfer, libcurl will pick and use the...

openSUSE: Security Advisory for curl (openSUSE-SU-2020:1345-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SUSE SLED15 / SLES15 Security Update : curl (SUSE-SU-2020:2446-1)

This update for curl fixes the following issues : An application that performs multiple requests with libcurl's multi API and sets the 'CURLOPTCONNECTONLY' option, might in rare circumstances experience that when subsequently using the setup connect-only transfer, libcurl will pick and use the...

SUSE SLES12 Security Update : curl (SUSE-SU-2020:2444-1)

This update for curl fixes the following issues : An application that performs multiple requests with libcurl's multi API and sets the 'CURLOPTCONNECTONLY' option, might in rare circumstances experience that when subsequently using the setup connect-only transfer, libcurl will pick and use the...

USN-4466-2: curl vulnerability

USN-4466-1 fixed a vulnerability in curl. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Marc Aldorasi discovered that curl incorrectly handled the libcurl CURLOPTCONNECTONLY option. This could result in data being sent to the wrong destination,...

Insecure Connection Processing

libcurl.so does not securely handle connections. An application that performs multiple requests with the multi API and sets the CURLOPTCONNECTONLY option when using the setup connect-only transfer, could potentially use the wrong connection and and utilize another connection that was created...

FreeBSD : curl -- expired pointer dereference vulnerability (b905dff4-e227-11ea-b0ea-08002728f74c)

curl security problems : CVE-2020-8231: wrong connect-only connection An application that performs multiple requests with libcurl's multi API and sets the CURLOPTCONNECTONLY option, might in rare circumstances experience that when subsequently using the setup connect-only transfer, libcurl will...

CURL-CVE-2020-8231 wrong connect-only connection

An application that performs multiple requests with libcurl's multi API and sets the CURLOPTCONNECTONLY option, might in rare circumstances experience that when subsequently using the setup connect-only transfer, libcurl picks and uses the wrong connection - and instead picks another one the...