37 matches found
MiracleLinux 7 : curl-7.29.0-54.el7 (AXSA:2019-4060:01)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2019-4060:01 advisory. curl: Heap-based buffer over-read in the curl tool warning formatting CVE-2018-16842 Tenable has extracted the preceding description block directly from the...
Linux Distros Unpatched Vulnerability : CVE-2018-16842
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Curl versions 7.14.1 through 7.61.1 are vulnerable to a heap-based buffer over-read in the toolmsgs.c:voutf function that may result in information exposure and...
Photon OS 2.0: Curl PHSA-2019-2.0-0128
An update of the curl package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-2.0-0128. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerabilities in cURL (CVE-2018-16840 CVE-2018-16842)
Summary IBM Dynamic System Analysis DSA Preboot has addressed the following vulnerabilities in cURL. Vulnerability Details CVEID: CVE-2018-16840 DESCRIPTION: cURL is vulnerable to a denial of service, caused by a heap use-after-free flaw in the Curlclose function. By sending a specially-crafted...
Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-5.10.9)
The version of AOS installed on the remote host is prior to 5.10.9. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-5.10.9 advisory. - Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get...
Ubuntu: Security Advisory (USN-3805-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:0339-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Vulnerability in Curl used in OS image for RedHat Enterprise Linux for Cloud Pak System (CVE-2018-16842)
Summary Vulnerability in Curl used in OS image for RedHat Enterprise Linux in Cloud Pak System. OS image for RedHat Enterprise Linux has addresssd vulnerability. Vulnerability Details CVEID: CVE-2018-16842 DESCRIPTION: cURL could allow a remote attacker to obtain sensitive information, caused by ...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2019-1269)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2019-2410)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
NewStart CGSL CORE 5.05 / MAIN 5.05 : curl Vulnerability (NS-SA-2019-0235)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has curl packages installed that are affected by a vulnerability: - Curl versions 7.14.1 through 7.61.1 are vulnerable to a heap-based buffer over-read in the toolmsgs.c:voutf function that may result in information exposure an...
NewStart CGSL CORE 5.04 / MAIN 5.04 : curl Vulnerability (NS-SA-2019-0193)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has curl packages installed that are affected by a vulnerability: - Curl versions 7.14.1 through 7.61.1 are vulnerable to a heap-based buffer over-read in the toolmsgs.c:voutf function that may result in information exposure an...
curl, libcurl security update
CentOS Errata and Security Advisory CESA-2019:2181 An update for curl is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...
CentOS 7 : curl (CESA-2019:2181)
An update for curl is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE li...
Low: Red Hat Security Advisory: curl security and bug fix update
An update for curl is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
EulerOS Virtualization for ARM 64 3.0.2.0 : curl (EulerOS-SA-2019-1695)
According to the version of the curl packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - Curl versions 7.14.1 through 7.61.1 are vulnerable to a heap-based buffer over-read in the toolmsgs.c:voutf function that m...
Fedora Update for curl FEDORA-2019-697de0501f
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
EulerOS Virtualization 2.5.3 : curl (EulerOS-SA-2019-1269)
According to the version of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - Curl versions 7.14.1 through 7.61.1 are vulnerable to a heap-based buffer over-read in the toolmsgs.c:voutf function that may result i...
SUSE SLED12 / SLES12 Security Update : curl (SUSE-SU-2019:0339-1)
This update for curl fixes the following issues : Security issues fixed : CVE-2019-3822: Fixed a NTLMv2 type-3 header stack-based buffer overflow bsc1123377. CVE-2019-3823: Fixed an out-of-bounds read in the SMTP end-of-response bsc1123378. CVE-2018-16890: Fixed an out-of-bounds buffer read in NT...
Fedora 28 : curl (2018-298a3d2923)
make the patch for CVE-2018-16842 apply properly CVE-2018-16842 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...