21 matches found
K08125515: cURL vulnerability CVE-2019-5435
Security Advisory Description An integer overflow in curl's URL API results in a buffer overflow in libcurl 7.62.0 to and including 7.64.1. CVE-2019-5435 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development has evaluated th...
Slackware: Security Advisory (SSA:2019-142-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2019-0337)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Moderate: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP5 security update
Updated packages that provide Red Hat JBoss Core Services Pack Apache Server 2.4.37 and fix several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of...
Moderate: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP5 security update
Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 5 zip release for RHEL 6, RHEL 7, RHEL 8 and Microsoft Windows is available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which give...
RHEL 6 / 7 : Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP5 (RHSA-2020:4384)
The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4384 advisory. This release adds the new Apache HTTP Server 2.4.37 Service Pack 5 packages that are part of the JBoss Core Services offering. This...
GLSA-202003-29 : cURL: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202003-29 cURL: Multiple vulnerabilities Multiple vulnerabilities have been discovered in cURL. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could possibly execute arbitrary code with...
Security Bulletin: Multiple Vulnerabilities in libCurl affects IBM Watson Studio Local
Summary Multiple Vulnerabilities in libCurl affects IBM Watson Studio Local Vulnerability Details CVEID: CVE-2019-5435 DESCRIPTION: An integer overflow in curl's URL API results in a buffer overflow in libcurl 7.62.0 to and including 7.64.1. CVSS Base score: 7.3 CVSS Temporal Score: See:...
Oracle MySQL Server 5.7 <= 5.7.27 / 8.0 <= 8.0.17 Security Update (cpuoct2019) - Linux
Oracle MySQL Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:mysql"; if...
Oracle MySQL Server 5.7 <= 5.7.27 / 8.0 <= 8.0.17 Security Update (cpuoct2019) - Windows
Oracle MySQL Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:mysql"; if...
Amazon Linux AMI : curl (ALAS-2019-1233)
A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl. CVE-2019-5436 An integer overflow in curl's URL API results in a buffer overflow in libcurl. CVE-2019-5435 C Tenable Network Security, Inc. The descriptive text and package checks in this plug...
Fedora 29 : curl (2019-697de0501f)
fix TFTP receive buffer overflow CVE-2019-5436 - fix integer overflows in curlurlset CVE-2019-5435 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as...
Fedora Update for curl FEDORA-2019-697de0501f
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[ASA-201905-13] lib32-libcurl-gnutls: arbitrary code execution
Arch Linux Security Advisory ASA-201905-13 ========================================== Severity: High Date : 2019-05-31 CVE-ID : CVE-2019-5435 CVE-2019-5436 Package : lib32-libcurl-gnutls Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-961 Summary ======= The...
USN-3993-1: curl vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description Wenchao Li discovered that curl incorrectly handled memory in the curlurlset function. A remote attacker could use this issue to cause curl to crash, resulting in a denial of servic...
CVE-2019-5435
An integer overflow in curl's URL API results in a buffer overflow in libcurl 7.62.0 to and including 7.64.1...
CVE-2019-5435
CVE-2019-5435 affects curl/libcurl: an integer overflow in curl_url_set() within the URL API can cause a heap/buffer overflow in libcurl versions from 7.62.0 up to 7.64.1. The issue exists on affected builds and can lead to memory corruption; 32‑bit considerations are described in related advisor...
Security fix for the ALT Linux 8 package curl version 7.65.0-alt1
7.65.0-alt1 built May 24, 2019 Anton Farygin in task 229802 May 22, 2019 Anton Farygin - 7.65.0 - fixes: CVE-2019-5435: Integer overflows in curlurlset CVE-2019-5436: tftp: use the current blksize for recvfrom...
Ubuntu 16.04 LTS / 18.04 LTS : curl vulnerabilities (USN-3993-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3993-1 advisory. Wenchao Li discovered that curl incorrectly handled memory in the curlurlset function. A remote attacker could use this issue to cause curl t...
USN-3993-1: curl vulnerabilities
Wenchao Li discovered that curl incorrectly handled memory in the curlurlset function. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 19.04. CVE-2019-5435 It was discovered that...