23 matches found
Photon OS 2.0: Curl PHSA-2019-2.0-0128
An update of the curl package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-2.0-0128. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerabilities in cURL (CVE-2018-16840 CVE-2018-16842)
Summary IBM Dynamic System Analysis DSA Preboot has addressed the following vulnerabilities in cURL. Vulnerability Details CVEID: CVE-2018-16840 DESCRIPTION: cURL is vulnerable to a denial of service, caused by a heap use-after-free flaw in the Curlclose function. By sending a specially-crafted...
BELL-CVE-2018-16840 CVE-2018-16840 does not affect BellSoft software
Bulletin has no description...
SUSE: Security Advisory (SUSE-SU-2019:0339-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2020-1626)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Multiple Vulnerabilities in libCurl affects IBM Watson Studio Local
Summary Multiple Vulnerabilities in libCurl affects IBM Watson Studio Local Vulnerability Details CVEID: CVE-2019-5435 DESCRIPTION: An integer overflow in curl's URL API results in a buffer overflow in libcurl 7.62.0 to and including 7.64.1. CVSS Base score: 7.3 CVSS Temporal Score: See:...
Fedora Update for curl FEDORA-2019-697de0501f
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora 29 : curl (2018-7785911c9e)
SASL password overflow via integer overflow CVE-2018-16839 - fix use-after-free in handle close CVE-2018-16840 - fix bad arethmetic when outputting warnings to stderr CVE-2018-16842 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update...
SUSE SLED15 / SLES15 Security Update : curl (SUSE-SU-2018:3624-1)
This update for curl fixes the following issues : CVE-2018-16839: A SASL password overflow via integer overflow was fixed which could lead to crashes bsc1112758 CVE-2018-16840: A use-after-free in SASL handle close was fixed which could lead to crashes bsc1112758 CVE-2018-16842: A Out-of-bounds...
Security Bulletin: IBM Event Streams is affected by cURL vulnerabilities
Summary IBM Event Streams is affected by the following vulnerabilities in the included cURL application. Vulnerability Details CVEID: CVE-2018-16840 DESCRIPTION: cURL is vulnerable to a denial of service, caused by a heap use-after-free flaw in the Curlclose function. By sending a specially-craft...
USN-3805-1: curl vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description Harry Sintonen discovered that curl incorrectly handled SASL authentication. A remote attacker could use this issue to cause curl to crash, resulting in a...
Security Bulletin: The Community Edition of IBM ILOG CPLEX Optimization Studio is affected by a vulnerability in libcurl (CVE-2018-16840)
Summary The Community Edition of IBM ILOG CPLEX Optimization Studio on Windows platform only has addressed the following vulnerability: libcurl is vulnerable to a denial of service. Vulnerability Details CVEID: CVE-2018-16840 DESCRIPTION: cURL is vulnerable to a denial of service, caused by a hea...
Security update for curl (moderate)
This update for curl fixes the following issues: - CVE-2018-16840: A use after free in closing SASL handles was fixed bsc1112758 - CVE-2018-16842: A Out-of-bounds Read in toolmsgs.c was fixed which could lead to crashes bsc1113660 This update was imported from the SUSE:SLE-12:Update update projec...
openSUSE: Security Advisory for curl (openSUSE-SU-2018:3706-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora Update for curl FEDORA-2018-fdc4ca8675
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[ASA-201811-9] lib32-curl: arbitrary code execution
Arch Linux Security Advisory ASA-201811-9 ========================================= Severity: High Date : 2018-11-06 CVE-ID : CVE-2018-16839 CVE-2018-16840 Package : lib32-curl Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-796 Summary ======= The package...
[ASA-201811-7] lib32-libcurl-gnutls: arbitrary code execution
Arch Linux Security Advisory ASA-201811-7 ========================================= Severity: High Date : 2018-11-06 CVE-ID : CVE-2018-16839 CVE-2018-16840 Package : lib32-libcurl-gnutls Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-798 Summary ======= The...
[ASA-201811-5] libcurl-compat: arbitrary code execution
Arch Linux Security Advisory ASA-201811-5 ========================================= Severity: High Date : 2018-11-06 CVE-ID : CVE-2018-16840 Package : libcurl-compat Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-800 Summary ======= The package libcurl-comp...
SUSE SLED12 / SLES12 Security Update : curl (SUSE-SU-2018:3608-1)
This update for curl fixes the following issues : CVE-2018-16840: A use after free in closing SASL handles was fixed bsc1112758 CVE-2018-16842: A Out-of-bounds Read in toolmsgs.c was fixed which could lead to crashes bsc1113660 Note that Tenable Network Security has extracted the preceding...
Slackware 14.0 / 14.1 / 14.2 / current : curl (SSA:2018-304-01)
New curl packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2018-304-01. The text itself is copyright C Slackware Linux,...