Linux Distros Unpatched Vulnerability : CVE-2016-8620

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The 'globbing' feature in curl before version 7.51.0 has a flaw that leads to integer overflow and out-of- bounds read via user controlled input. CVE-2016-8620...

RHEL 7 : rh-dotnet21-curl (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - curl: Glob parser write/read out of bounds CVE-2016-8620 - Use-after-free vulnerability in libcurl before...

RHEL 6 / 7 : httpd24 (RHSA-2018:3558)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3558 advisory. The Apache HTTP Server is a powerful, efficient, and extensible web server. The httpd24 packages provide a recent stable release of...

K31411450: cURL and libcurl vulnerability CVE-2016-8620

Security Advisory Description The 'globbing' feature in curl before version 7.51.0 has a flaw that leads to integer overflow and out-of-bounds read via user controlled input. CVE-2016-8620 Impact An attacker can cause a denial-of-service DoS by exploiting a flaw in the cURL tool's glob parser to...

Slackware: Security Advisory (SSA:2016-308-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2018-0053)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Moderate: Red Hat Security Advisory: httpd24 security, bug fix, and enhancement update

An update for httpd24-httpd, httpd24-nghttp2, and httpd24-curl is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

CVE-2016-8620

The 'globbing' feature in curl before version 7.51.0 has a flaw that leads to integer overflow and out-of-bounds read via user controlled input...

CVE-2016-8620

CVE-2016-8620 concerns curl’s globbing feature, where parsing numeric ranges could write beyond allocated memory and read out-of-bounds. The issue affects the curl tool (not libcurl) and could enable remote code execution or unintended behavior when handling invalid ranges; it may also enable out...

openSUSE Security Update : curl (openSUSE-2016-1280)

This update for curl fixes the following security issues : - CVE-2016-8624: invalid URL parsing with '' bsc1005646 - CVE-2016-8623: Use-after-free via shared cookies bsc1005645 - CVE-2016-8622: URL unescape heap overflow via integer truncation bsc1005643 - CVE-2016-8621: curlgetdate read out of...

openSUSE: Security Advisory for curl (openSUSE-SU-2016:2768-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DSA-3705-1 : curl - security update

Several vulnerabilities were discovered in cURL, an URL transfer library : - CVE-2016-8615 It was discovered that a malicious HTTP server could inject new cookies for arbitrary domains into a cookie jar. - CVE-2016-8616 It was discovered that when re-using a connection, curl was doing case...

Ubuntu: Security Advisory (USN-3123-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED12 / SLES12 Security Update : curl (SUSE-SU-2016:2699-1)

This update for curl fixes the following security issues : - CVE-2016-8624: invalid URL parsing with '' bsc1005646 - CVE-2016-8623: Use-after-free via shared cookies bsc1005645 - CVE-2016-8622: URL unescape heap overflow via integer truncation bsc1005643 - CVE-2016-8621: curlgetdate read out of...

SUSE-SU-2016:2699-1 Security update for curl

This update for curl fixes the following security issues: - CVE-2016-8624: invalid URL parsing with '' bsc1005646 - CVE-2016-8623: Use-after-free via shared cookies bsc1005645 - CVE-2016-8622: URL unescape heap overflow via integer truncation bsc1005643 - CVE-2016-8621: curlgetdate read out of...