22 matches found
Siemens SIMATIC S7-1500 Double Free (CVE-2021-22945)
When sending data to an MQTT server, libcurl = 7.73.0 and 7.78.0 could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it again. This plugin only works with Tenable.ot. Please visit...
Western Digital My Cloud Multiple Products 5.x < 5.25.124 Multiple Vulnerabilities (WDC-22019)
Multiple Western Digital My Cloud products are prone to multiple vulnerabilities. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progr...
[SECURITY] [DSA 5197-1] curl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5197-1 [email protected] https://www.debian.org/security/ Markus Koschany August 01, 2022 https://www.debian.org/security/faq -...
Slackware: Security Advisory (SSA:2021-258-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2021-22945 affecting package curl for versions less than 7.82.0-1
CVE-2021-22945 affecting package curl for versions less than 7.82.0-1. An upgraded version of the package is available that resolves this issue...
Amazon Linux 2 : curl (ALAS-2021-1724)
The version of curl installed on the remote host is prior to 7.79.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2021-1724 advisory. A flaw was found in libcurl. When sending data to an MQTT server could in some situations lead to libcurl using already free...
Oracle MySQL Server <= 5.7.35 / 8.0 <= 8.0.26 Security Update (cpuoct2021) - Linux
Oracle MySQL Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:mysql"; if...
CVE-2021-22945 affecting package curl 7.76.0-9
CVE-2021-22945 affecting package curl 7.76.0-9. A patched version of the package is available...
Security Bulletin: The Community Edition of IBM ILOG CPLEX Optimization Studio is affected by a vulnerability in libcurl (CVE-2021-22945)
Summary The Community Edition of IBM ILOG CPLEX Optimization Studio on Windows platform only has addressed the following vulnerability: libcurl is vulnerable to a denial of service. Vulnerability Details CVEID: CVE-2021-22945 DESCRIPTION: cURL libcurl is vulnerable to a denial of service, caused ...
CVE-2021-22945
When sending data to an MQTT server, libcurl = 7.73.0 and 7.78.0 could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it again...
CVE-2021-22945
When sending data to an MQTT server, libcurl = 7.73.0 and 7.78.0 could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it again...
MGASA-2021-0438 Updated curl packages fix security vulnerability
UAF and double-free in MQTT sending. CVE-2021-22945 Protocol downgrade required TLS bypassed. CVE-2021-22946 STARTTLS protocol injection via MITM. CVE-2021-22947...
CVE-2021-22945
When sending data to an MQTT server, libcurl = 7.73.0 and 7.78.0 could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it again...
CVE-2021-22945
When sending data to an MQTT server, libcurl = 7.73.0 and 7.78.0 could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it again...
CVE-2021-22945
Summary: CVE-2021-22945 affects libcurl/curl when sending data to an MQTT server, where in some cases a pointer to freed memory could be reused and freed again. This is a memory-use-after-free/double-free issue in libcurl. What is affected: libcurl/curl (MQTT data transmission scenarios) with vul...
Fedora: Security Advisory for curl (FEDORA-2021-c5584b92d4)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Photon OS 3.0: Curl PHSA-2021-3.0-0301
An update of the curl package has been released. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-3.0-0301. The text itself is copyright C VMware, Inc. include'deprecatednasllevel.inc...
Vulnerabilities fixed in curl
Vulnerabilities have been fixed in curl. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Denial-of-Service DoS Circumvention of security measure Accessing sensitive data Updates have been released to fix the vulnerabilities. More...
Slackware Linux 14.0 / 14.1 / 14.2 / current curl Multiple Vulnerabilities (SSA:2021-258-01)
The version of curl installed on the remote host is prior to 7.79.0. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2021-258-01 advisory. - When curl = 7.20.0 and = 7.20.0 and = 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP...
USN-5079-1: curl vulnerabilities
It was discovered that curl incorrect handled memory when sending data to an MQTT server. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2021-22945 Patrick Monnerat discovered that curl incorrectly handled...