Linux Distros Unpatched Vulnerability : CVE-2016-9586

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - curl before version 7.52.0 is vulnerable to a buffer overflow when doing a large floating point output in libcurl's implementation of the printf functions. If...

RHEL 6 / 7 : httpd24 (RHSA-2018:3558)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3558 advisory. The Apache HTTP Server is a powerful, efficient, and extensible web server. The httpd24 packages provide a recent stable release of...

Mageia: Security Advisory (MGASA-2018-0053)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Advisory ROSA-SA-2021-1818

Software: curl 7.29.0 OS: Cobalt 7.9 CVE-ID: CVE-2013-4545 CVE-Crit: CRITICAL CVE-DESC: cURL and libcurl from 7.18.0 through 7.32.0 when built with OpenSSL disables validation of CN and SAN certificate name fields CURLOPTSSLVERIFYHOST when digital signature validation CURLOPTSSLVERIFYPEER is...

SUSE: Security Advisory (SUSE-SU-2017:2701-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:1043-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:1042-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2018-1330)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Moderate: Red Hat Security Advisory: httpd24 security, bug fix, and enhancement update

An update for httpd24-httpd, httpd24-nghttp2, and httpd24-curl is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

[SECURITY] [DLA 1568-1] curl security update

Package : curl Version : 7.38.0-4+deb8u13 CVE ID : CVE-2016-7141 CVE-2016-7167 CVE-2016-9586 CVE-2018-16839 CVE-2018-16842 Debian Bug : 848958 837945 836918 Several vulnerabilities were discovered in cURL, an URL transfer library. CVE-2016-7141 When built with NSS and the libnsspem.so library is...

EulerOS 2.0 SP2 : curl (EulerOS-SA-2018-1202)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - curl version curl 7.20.0 to and including curl 7.59.0 contains a Buffer Over-read vulnerability in denial of service that can result in curl can b...

CVE-2016-9586

curl before version 7.52.0 is vulnerable to a buffer overflow when doing a large floating point output in libcurl's implementation of the printf functions. If there are any application that accepts a format string from the outside without necessary input filtering, it could allow remote attacks...

CVE-2016-9586

CVE-2016-9586 affects curl: libcurl’s printf() implementation can overflow a buffer during large floating-point output when a vulnerable application passes an external format string. This permits remote attackers if an application uses unsafely filtered external format strings. The public details...

CVE-2016-9586

curl before version 7.52.0 is vulnerable to a buffer overflow when doing a large floating point output in libcurl's implementation of the printf functions. If there are any application that accepts a format string from the outside without necessary input filtering, it could allow remote attacks...

CVE-2016-9586

curl before version 7.52.0 is vulnerable to a buffer overflow when doing a large floating point output in libcurl's implementation of the printf functions. If there are any application that accepts a format string from the outside without necessary input filtering, it could allow remote attacks...

USN-3441-1: curl vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description Daniel Stenberg discovered that curl incorrectly handled large floating point output. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute...

USN-3441-1: curl vulnerabilities

Daniel Stenberg discovered that curl incorrectly handled large floating point output. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. CVE-2016-9586...

SUSE SLES11 Security Update : curl (SUSE-SU-2017:2312-1)

This update for curl fixes the following issues : - CVE-2017-1000100: TFP sends more than buffer size and it could lead to a denial of service bsc1051644 - CVE-2017-7407: ourWriteOut function problem could lead to a heap buffer over-read bsc1032309 - CVE-2016-9586: libcurl printf issue could lead...

macOS and Mac OS X Multiple Vulnerabilities (Security Update 2017-003)

The remote host is running Mac OS X 10.10.5, Mac OS X 10.11.6, or macOS 10.12.5 and is missing a security update. It is therefore, affected by multiple vulnerabilities : - An overflow condition exists in the curl component in the dprintfformatf function that is triggered when handling floating...

openSUSE Security Update : curl (openSUSE-2017-513)

This update for curl fixes the following issues : Security issue fixed : - CVE-2016-9586: libcurl printf floating point buffer overflow bsc1015332 - CVE-2017-7407: The ourWriteOut function in toolwriteout.c in curl might have allowed physically proximate attackers to obtain sensitive information...