Lucene search
K

14 matches found

Tenable Nessus
Tenable Nessus
added 2024/07/24 12:0 a.m.25 views

Photon OS 3.0: Curl PHSA-2022-3.0-0406

An update of the curl package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2022-3.0-0406. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

7.5CVSS6.9AI score0.03425EPSS
Exploits7References8
Tenable Nessus
Tenable Nessus
added 2024/07/23 12:0 a.m.31 views

Photon OS 4.0: Curl PHSA-2022-4.0-0205

An update of the curl package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2022-4.0-0205. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

7.5CVSS6.9AI score0.03425EPSS
Exploits7References8
Cloud Foundry
Cloud Foundry
added 2022/12/07 12:0 a.m.43 views

USN-5412-1: curl vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Canonical Ubuntu 22.04 Description Axel Chong discovered that curl incorrectly handled percent-encoded URL separators. A remote attacker could possibly use this issue to trick curl into using the wrong URL and bypass...

7.5CVSS8.2AI score0.02596EPSS
Exploits3Affected Software3
Tenable Nessus
Tenable Nessus
added 2022/09/06 12:0 a.m.39 views

Amazon Linux 2022 : curl, curl-minimal, libcurl (ALAS2022-2022-065)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-065 advisory. A vulnerability was found in curl. This security flaw allows reusing OAUTH2-authenticated connections without properly ensuring that the connection was authenticated with the same credentials s...

8.1CVSS6.8AI score0.03425EPSS
Exploits8References17
CBLMariner
CBLMariner
added 2022/08/24 10:5 p.m.24 views

CVE-2022-27780 affecting package curl 7.76.0-9

CVE-2022-27780 affecting package curl 7.76.0-9. This CVE either no longer is or was never applicable...

7.5CVSS9.9AI score0.02187EPSS
Exploits1
CBLMariner
CBLMariner
added 2022/07/01 9:2 p.m.18 views

CVE-2022-27780 affecting package curl for versions less than 7.83.1-1

CVE-2022-27780 affecting package curl for versions less than 7.83.1-1. An upgraded version of the package is available that resolves this issue...

7.5CVSS7.9AI score0.02187EPSS
Exploits1
Cvelist
Cvelist
added 2022/06/01 12:0 a.m.26 views

CVE-2022-27780

The curl URL parser wrongly accepts percent-encoded URL separators like '/'when decoding the host name part of a URL, making it a different URL usingthe wrong host name when it is later retrieved.For example, a URL like http://example.com%2F127.0.0.1/, would be allowed bythe parser and get...

7.7AI score0.02187EPSS
Exploits1References3
ALT Linux
ALT Linux
added 2022/05/19 12:0 a.m.136 views

Security fix for the ALT Linux 10 package curl version 7.83.1-alt1

7.83.1-alt1 built May 19, 2022 Anton Farygin in task 299735 --- May 11, 2022 Anton Farygin - 7.83.1 - Fixes: CVE-2022-30115: HSTS bypass via trailing dot CVE-2022-27782: TLS and SSH connection too eager reuse CVE-2022-27781: CERTINFO never-ending busy-loop CVE-2022-27780: percent-encoded path...

5.8CVSS3.4AI score0.03453EPSS
Exploits6
OpenVAS
OpenVAS
added 2022/05/12 12:0 a.m.32 views

Ubuntu: Security Advisory (USN-5412-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.3AI score0.02596EPSS
Exploits3References2
OpenVAS
OpenVAS
added 2022/05/12 12:0 a.m.30 views

Slackware: Security Advisory (SSA:2022-131-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.1AI score0.03453EPSS
Exploits6References8
Ubuntu
Ubuntu
added 2022/05/11 1:14 p.m.101 views

USN-5412-1: curl vulnerabilities

Axel Chong discovered that curl incorrectly handled percent-encoded URL separators. A remote attacker could possibly use this issue to trick curl into using the wrong URL and bypass certain checks or filters. This issue only affected Ubuntu 22.04 LTS. CVE-2022-27780 Florian Kohnhuser discovered...

7.5CVSS6.7AI score0.02596EPSS
Exploits3
RedhatCVE
RedhatCVE
added 2022/05/11 8:1 a.m.56 views

CVE-2022-27780

A vulnerability was found in curl. This issue occurs because the curl URL parser wrongly accepts percent-encoded URL separators like '/' when decoding the hostname part of a URL, making it a different URL using the wrong hostname when it is later retrieved. This flaw allows a malicious actor to...

7.5CVSS2.9AI score0.02187EPSS
Exploits1References4
Hacker One
Hacker One
added 2022/05/11 7:6 a.m.74 views

Internet Bug Bounty: CVE-2022-27780: percent-encoded path separator in URL host

Advisory: https://curl.se/docs/CVE-2022-27780.html Original Report: https://hackerone.com/reports/1553841 Impact URL filter bypasses...

7.7AI score0.02187EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2022/05/11 12:0 a.m.61 views

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : curl vulnerabilities (USN-5412-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5412-1 advisory. Axel Chong discovered that curl incorrectly handled percent-encoded URL separators. A remote attacker could possibly use this iss...

7.5CVSS6.7AI score0.02596EPSS
Exploits3References4
Rows per page
Query Builder