33 matches found
Alibaba Cloud Linux 3 : 0070: curl (ALINUX3-SA-2021:0070)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2021:0070 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2021-22922: When curl is instructed to...
Linux Distros Unpatched Vulnerability : CVE-2021-22923
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When curl is instructed to get content using the metalink feature, and a user name and password are used to download the metalink XML file, those same credentia...
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data v5.0.3 is vulnerable to multiple Operator package issues
Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data v5.0.3 is vulnerable to multiple Operator package issues.. We have performed updates to the Operators used by our Speech Services. The following vulnerabilities have been addressed in this update. Please read the details for...
BELL-CVE-2021-22923 CVE-2021-22923 does not affect BellSoft software
Bulletin has no description...
K54308152: cURL vulnerability CVE-2021-22923
Security Advisory Description When curl is instructed to get content using the metalink feature, and a user name and password are used to download the metalink XML file, those same credentials are then subsequently passed on to each of the servers from which curl will download or try to download...
CVE-2021-22923 affecting package curl for versions less than 7.76.0-5
CVE-2021-22923 affecting package curl for versions less than 7.76.0-5. A patched version of the package is available...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2022-1062)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2021-0384)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2021-2769)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
curl security and bug fix update
7.61.1-22 - fix STARTTLS protocol injection via MITM CVE-2021-22947 - fix protocol downgrade required TLS bypass CVE-2021-22946 7.61.1-21 - fix TELNET stack contents disclosure again CVE-2021-22925 - fix TELNET stack contents disclosure CVE-2021-22898 - fix bad connection reuse due to flawed path...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2021-2707)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle MySQL Server <= 5.7.35 / 8.0 <= 8.0.26 Security Update (cpuoct2021) - Linux
Oracle MySQL Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:mysql"; if...
Moderate: Red Hat Security Advisory: curl security update
An update for curl is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...
CentOS 8 : curl (CESA-2021:3582)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:3582 advisory. - curl: Content not matching hash in Metalink is not being discarded CVE-2021-22922 - curl: Metalink download sends credentials CVE-2021-22923 - curl:...
Fedora: Security Advisory for curl (FEDORA-2021-c5584b92d4)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Moderate: Red Hat Security Advisory: curl security update
An update for curl is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...
Moderate: curl security update
The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fixes: curl: Content not matching hash in Metalink is not being discarded CVE-2021-22922 curl: Metalink download sends credentials...
RLSA-2021:3582 Moderate: curl security update
The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fixes: curl: Content not matching hash in Metalink is not being discarded CVE-2021-22922 curl: Metalink download sends credentials...
curl security update
An update is available for curl. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The curl packages provide the libcurl library and the curl utility for downloadi...
curl security update
7.61.1-18.el84.1 - fix bad connection reuse due to flawed path name checks CVE-2021-22924 - disable metalink support to fix the following vulnerabilities CVE-2021-22923 - metalink download sends credentials CVE-2021-22922 - wrong content via metalink not discarded...