Lucene search
K

31 matches found

OSV
OSV
added 2023/08/31 12:15 p.m.1 views

BELL-CVE-2022-32207 CVE-2022-32207 does not affect BellSoft software

Bulletin has no description...

9.8CVSS5.8AI score0.06823EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2023/05/02 12:0 a.m.41 views

Siemens SCALANCE XCM332 Incorrect Default Permissions (CVE-2022-32207)

When curl 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In that rename operation, it might accidentally widen the permissions for the target file, leaving the...

9.8CVSS7.2AI score0.06823EPSS
Exploits1References12
Tenable Nessus
Tenable Nessus
added 2023/03/20 12:0 a.m.63 views

CBL Mariner 2.0 Security Update: curl (CVE-2022-32207)

The version of curl installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-32207 advisory. - When curl 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by...

9.8CVSS7.2AI score0.06823EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2022/12/28 12:0 a.m.25 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2022-2890)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.5AI score0.3197EPSS
Exploits6References2
OpenVAS
OpenVAS
added 2022/12/19 12:0 a.m.19 views

Western Digital My Cloud Multiple Products 5.x < 5.25.124 Multiple Vulnerabilities (WDC-22019)

Multiple Western Digital My Cloud products are prone to multiple vulnerabilities. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progr...

9.8CVSS7.4AI score0.3197EPSS
Exploits14References2
RedHat Linux
RedHat Linux
added 2022/12/08 1:21 p.m.85 views

Important: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.51 SP1 security update

An update is now available for Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

10CVSS7.6AI score0.95764EPSS
Exploits20References24
RedHat Linux
RedHat Linux
added 2022/12/08 1:8 p.m.94 views

Moderate: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.51 SP1 security update

An update is now available for Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 1 on Red Hat Enterprise Linux versions 7 and 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which...

10CVSS7.4AI score0.95764EPSS
Exploits14References18
Tenable Nessus
Tenable Nessus
added 2022/12/08 12:0 a.m.58 views

RHEL 7 / 8 : Red Hat JBoss Core Services Apache HTTP Server 2.4.51 SP1 (RHSA-2022:8840)

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:8840 advisory. Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP...

10CVSS7.8AI score0.95764EPSS
Exploits14References37
Cloud Foundry
Cloud Foundry
added 2022/12/07 12:0 a.m.35 views

USN-5495-1: curl vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Canonical Ubuntu 22.04 Description Harry Sintonen discovered that curl incorrectly handled certain cookies. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 21.1...

9.8CVSS7.8AI score0.3197EPSS
Exploits4Affected Software3
OpenVAS
OpenVAS
added 2022/10/10 12:0 a.m.31 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2022-2426)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.8AI score0.3197EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2022/08/25 12:0 a.m.74 views

Oracle Linux 9 : curl (ELSA-2022-6157)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-6157 advisory. - fix unpreserved file permissions CVE-2022-32207 - fix HTTP compression denial of service CVE-2022-32206 Tenable has extracted the preceding descripti...

9.8CVSS7.3AI score0.3197EPSS
Exploits3References4
Oracle linux
Oracle linux
added 2022/08/25 12:0 a.m.156 views

curl security update

7.76.1-14.el90.5 - fix unpreserved file permissions CVE-2022-32207 - fix HTTP compression denial of service CVE-2022-32206 - fix FTP-KRB bad message verification CVE-2022-32208...

9.8CVSS0.7AI score0.3197EPSS
Exploits3
CBLMariner
CBLMariner
added 2022/08/24 10:5 p.m.28 views

CVE-2022-32207 affecting package curl 7.76.0-9

CVE-2022-32207 affecting package curl 7.76.0-9. An upgraded version of the package is available that resolves this issue...

9.8CVSS9.9AI score0.06823EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2022/08/24 3:12 p.m.85 views

Moderate: Red Hat Security Advisory: curl security update

An update for curl is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

9.8CVSS6.7AI score0.3197EPSS
Exploits3References4
Tenable Nessus
Tenable Nessus
added 2022/08/24 12:0 a.m.42 views

RHEL 9 : curl (RHSA-2022:6157)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:6157 advisory. The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTT...

9.8CVSS7.4AI score0.3197EPSS
Exploits3References9
AlmaLinux
AlmaLinux
added 2022/08/24 12:0 a.m.49 views

Moderate: curl security update

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fixes: curl: HTTP compression denial of service CVE-2022-32206 curl: Unpreserved file permissions CVE-2022-32207 curl: FTP-KRB bad...

9.8CVSS8.2AI score0.3197EPSS
Exploits3References8
CBLMariner
CBLMariner
added 2022/08/03 9:15 p.m.26 views

CVE-2022-32207 affecting package curl for versions less than 7.84.0-1

CVE-2022-32207 affecting package curl for versions less than 7.84.0-1. An upgraded version of the package is available that resolves this issue...

9.8CVSS8.8AI score0.06823EPSS
Exploits1
Debian
Debian
added 2022/08/01 4:58 p.m.199 views

[SECURITY] [DSA 5197-1] curl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5197-1 [email protected] https://www.debian.org/security/ Markus Koschany August 01, 2022 https://www.debian.org/security/faq -...

9.8CVSS8.1AI score0.3197EPSS
Exploits15
Tenable Nessus
Tenable Nessus
added 2022/07/08 12:0 a.m.66 views

SUSE SLED15 / SLES15 Security Update : curl (SUSE-SU-2022:2305-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2305-1 advisory. - A malicious server can serve excessive amounts of Set-Cookie: headers in a HTTP response to curl and curl...

9.8CVSS6.9AI score0.3197EPSS
Exploits4References13
Vulnrichment
Vulnrichment
added 2022/07/07 12:0 a.m.2 views

CVE-2022-32207

When curl 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In that rename operation, it might accidentally widen the permissions for the target file, leaving the...

9.1AI score0.06823EPSS
Exploits1References8
Rows per page
Query Builder