Lucene search
K

28 matches found

Tenable Nessus
Tenable Nessus
added 2023/03/01 12:0 a.m.41 views

Debian DSA-5365-1 : curl - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5365 advisory. - An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract...

6.5CVSS6.8AI score0.01703EPSS
Exploits2References7
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/02 4:36 p.m.70 views

Security Bulletin: IBM Aspera High-Speed Transfer Server and Aspera High-Speed Transfer Endpoint has addressed multiple security vulnerabilities (CVE-2022-27774, CVE-2022-27775, CVE-2022-27776)

Summary This Security Bulletin addresses security vulnerabilities that have been remediated in IBM Aspera High-Speed Transfer Server 4.4.1 and Aspera High-Speed Transfer Endpoint 4.4.1 Vulnerability Details CVEID:CVE-2022-27774 DESCRIPTION: cURL libcurl could allow a remote attacker to obtain...

7.5CVSS7.3AI score0.03425EPSS
Exploits3Affected Software1
Debian
Debian
added 2023/01/28 9:19 p.m.229 views

[SECURITY] [DLA 3288-1] curl security update

Debian LTS Advisory DLA-3288-1 [email protected] https://www.debian.org/lts/security/ Roberto C. Sánchez January 28, 2023 https://wiki.debian.org/LTS Package : curl Version : 7.64.0-4+deb10u4 CVE ID : CVE-2022-27774 CVE-2022-32221 CVE-2022-35252 CVE-2022-43552 Debian Bug : Several...

9.8CVSS6.7AI score0.04325EPSS
Exploits5
IBM Security Bulletins
IBM Security Bulletins
added 2023/01/12 9:59 p.m.34 views

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to credential exposure in cURL libcurl (CVE-2022-27774)

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to credential exposure in cURL libcurl CVE-2022-27774, which could allow an attacker to use this information to launch further attacks against the affected system. The affected component, "same host check" in cU...

5.7CVSS6.5AI score0.01595EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/11/16 12:0 a.m.34 views

AlmaLinux 9 : curl (ALSA-2022:5245)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:5245 advisory. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C...

8.1CVSS6.8AI score0.03425EPSS
Exploits4References5
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/04 6:4 p.m.43 views

Security Bulletin: IBM App Connect Enterprise Certified Container operands may be vulnerable to loss of confidentiality due to CVE-2022-27774

Summary cURL is used by IBM App Connect Enterprise Certified Container for internal communication and status checking. IBM App Connect Enterprise Certified Container operands may be vulnerable to loss of confidentiality. This bulletin provides patch information to address the reported vulnerabili...

5.7CVSS6.5AI score0.01595EPSS
Exploits1Affected Software1
OpenVAS
OpenVAS
added 2022/10/10 12:0 a.m.29 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2022-2454)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS7.5AI score0.3197EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2022/10/09 12:0 a.m.36 views

EulerOS 2.0 SP8 : curl (EulerOS-SA-2022-2454)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to...

6.5CVSS6.8AI score0.3197EPSS
Exploits4References5
Tenable Nessus
Tenable Nessus
added 2022/09/06 12:0 a.m.39 views

Amazon Linux 2022 : curl, curl-minimal, libcurl (ALAS2022-2022-065)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-065 advisory. A vulnerability was found in curl. This security flaw allows reusing OAUTH2-authenticated connections without properly ensuring that the connection was authenticated with the same credentials s...

8.1CVSS6.8AI score0.03425EPSS
Exploits8References17
Debian
Debian
added 2022/08/01 4:58 p.m.206 views

[SECURITY] [DSA 5197-1] curl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5197-1 [email protected] https://www.debian.org/security/ Markus Koschany August 01, 2022 https://www.debian.org/security/faq -...

9.8CVSS8.1AI score0.3197EPSS
Exploits15
OpenVAS
OpenVAS
added 2022/07/29 12:0 a.m.31 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2022-2153)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.3AI score0.03425EPSS
Exploits4References2
OpenVAS
OpenVAS
added 2022/07/14 12:0 a.m.20 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2022-2087)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.3AI score0.03425EPSS
Exploits4References2
OpenVAS
OpenVAS
added 2022/07/14 12:0 a.m.20 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2022-2107)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.3AI score0.03425EPSS
Exploits4References2
OpenVAS
OpenVAS
added 2022/07/08 12:0 a.m.30 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2022-1961)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.3AI score0.03425EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2022/07/08 12:0 a.m.55 views

Rocky Linux 8 : curl (RLSA-2022:5313)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:5313 advisory. - An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections withou...

8.1CVSS6.9AI score0.03425EPSS
Exploits4References9
Tenable Nessus
Tenable Nessus
added 2022/07/08 12:0 a.m.58 views

EulerOS 2.0 SP9 : curl (EulerOS-SA-2022-1961)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections...

8.1CVSS6.8AI score0.03425EPSS
Exploits4References5
Oracle linux
Oracle linux
added 2022/06/30 12:0 a.m.38 views

curl security update

7.76.1-14.el90.4 - fix too eager reuse of TLS and SSH connections CVE-2022-27782 7.76.1-14.el90.3 - fix leak of SRP credentials in redirects CVE-2022-27774 7.76.1-14.el90.2 - add missing tests to Makefile 7.76.1-14.el90.1 - fix credential leak on redirect CVE-2022-27774 - fix auth/cookie leak on...

8.1CVSS2AI score0.03425EPSS
Exploits4
Tenable Nessus
Tenable Nessus
added 2022/06/30 12:0 a.m.58 views

Oracle Linux 8 : curl (ELSA-2022-5313)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-5313 advisory. - fix too eager reuse of TLS and SSH connections CVE-2022-27782 - fix credential leak on redirect CVE-2022-27774 - fix auth/cookie leak on redirect...

8.1CVSS6.8AI score0.03425EPSS
Exploits4References5
OSV
OSV
added 2022/06/28 10:52 a.m.40 views

RLSA-2022:5313 Moderate: curl security update

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fixes: curl: OAUTH2 bearer bypass in connection re-use CVE-2022-22576 curl: credential leak on redirect CVE-2022-27774 curl:...

8.1CVSS7.5AI score0.03425EPSS
Exploits4References5
Cloud Foundry
Cloud Foundry
added 2022/05/23 12:0 a.m.37 views

USN-5397-1: curl vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description Patrick Monnerat discovered that curl incorrectly handled certain OAUTH2. An attacker could possibly use this issue to access sensitive information. CVE-2022-22576 Harry Sintonen discovered that curl...

8.1CVSS7.2AI score0.03425EPSS
Exploits4Affected Software2
Rows per page
Query Builder