22 matches found
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data v5.0.3 is vulnerable to multiple Operator package issues
Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data v5.0.3 is vulnerable to multiple Operator package issues.. We have performed updates to the Operators used by our Speech Services. The following vulnerabilities have been addressed in this update. Please read the details for...
Puppet Enterprise < 2019.8.7 / 2021.x < 2021.2 Curl Vulnerabilities
For more information about this vulnerability, refer to the security announcements. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text in this plugin were extracted...
Puppet Agent 6.x < 6.23.0 / 7.x < 7.8.0 Multiple Vulnerabilities
On May 26, 2021 curl published security updates addressing 3 CVEs: CVE-2021-22897 Low CVE-2021-22898 Medium CVE-2021-22901 High. Previous releases of Puppet Agent contain this vulnerable version of curl. For more information about this vulnerability, refer to the curl ecurity announcements. Note...
CBL Mariner 2.0 Security Update: curl (CVE-2021-22901)
The version of curl installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-22901 advisory. - curl 7.75.0 through 7.76.1 suffers from a use-after-free vulnerability resulting in already freed memory being...
Slackware: Security Advisory (SSA:2021-146-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle HTTP Server (Apr 2022 CPU)
The version of Oracle HTTP Server installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2022 CPU advisory. - Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware component: Web Listener Apache HTTP Server. Supported versions that a...
CVE-2021-22901 affecting package curl for versions less than 7.76.0-5
CVE-2021-22901 affecting package curl for versions less than 7.76.0-5. A patched version of the package is available...
Siemens SINEC INS
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SINEC INS Vulnerability: Using Components with Known Vulnerabilities 2. RISK EVALUATION Successful exploitation of this vulnerability in third-party components could allow an attacker...
MySQL 8.0.x < 8.0.26 Multiple Vulnerabilities (July 2025 CPU)
The version of MySQL running on the remote host is 8.0.x prior to 8.0.26. It is, therefore, affected by multiple vulnerabilities, including the following, as noted in the July 2021 Critical Patch Update advisory: - curl 7.75.0 through 7.76.1 suffers from a use-after-free vulnerability resulting i...
Oracle MySQL Server <= 5.7.34 / 8.0 <= 8.0.25 Security Update (cpujul2021) - Linux
Oracle MySQL Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:mysql"; if...
Oracle MySQL Server <= 5.7.34 / 8.0 <= 8.0.25 Security Update (cpujul2021) - Windows
Oracle MySQL Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:mysql"; if...
Important: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP8 security update
Updated packages that provide Red Hat JBoss Core Services Pack Apache Server 2.4.37 and fix several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7 and Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of...
Important: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP8 security update
Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 8 zip release for RHEL 7, RHEL 8 and Microsoft Windows is available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a...
RHEL 7 / 8 : Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP8 (RHSA-2021:2472)
The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2472 advisory. This release adds the new Apache HTTP Server 2.4.37 Service Pack 8 packages that are part of the JBoss Core Services offering. This...
CVE-2021-22901
CVE-2021-22901 affects curl/libcurl up to version 7.76.x for builds using OpenSSL. A use-after-free during TLS 1.3 session-ticket handling on a single connection can lead to remote code execution in rare cases. Impact is tied to memory access after freeing objects when a session ticket arrives on...
CVE-2021-22901
curl 7.75.0 through 7.76.1 suffers from a use-after-free vulnerability resulting in already freed memory being used when a TLS 1.3 session ticket arrives over a connection. A malicious server can use this in rare unfortunate circumstances to potentially reach remote code execution in the client...
CVE-2021-22901 affecting package curl 7.76.0-9
CVE-2021-22901 affecting package curl 7.76.0-9. A patched version of the package is available...
[ASA-202106-5] lib32-curl: multiple issues
Arch Linux Security Advisory ASA-202106-5 ========================================= Severity: High Date : 2021-06-01 CVE-ID : CVE-2021-22898 CVE-2021-22901 Package : lib32-curl Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-1996 Summary ======= The package lib32-cur...
[ASA-202106-4] curl: multiple issues
Arch Linux Security Advisory ASA-202106-4 ========================================= Severity: High Date : 2021-06-01 CVE-ID : CVE-2021-22898 CVE-2021-22901 Package : curl Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-1995 Summary ======= The package curl before...
Photon OS 1.0: Curl PHSA-2021-1.0-0393
An update of the curl package has been released. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-1.0-0393. The text itself is copyright C VMware, Inc. include'deprecatednasllevel.inc...