Lucene search
K

66 matches found

Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.6 views

TencentOS Server 3: curl (TSSA-2023:0089)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0089 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

5.9CVSS6.1AI score0.02511EPSS
Exploits3References4
RedHat Linux
RedHat Linux
added 2024/01/25 8:12 a.m.45 views

Moderate: Red Hat Security Advisory: curl security and bug fix update

An update for curl is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...

6.5CVSS6.8AI score0.02511EPSS
Exploits6References7
IBM Security Bulletins
IBM Security Bulletins
added 2023/11/01 8:2 p.m.43 views

Security Bulletin: IBM Storage Ceph is vulnerable to Improper Input Validation in Curl (CVE-2022-35252)

Summary Curl is used by IBM Storage Ceph as part of RHEL, the base operating system. CVE-2022-35252 Vulnerability Details CVEID: CVE-2022-35252 DESCRIPTION: cURL libcurl is vulnerable to a denial of service, caused by a flaw when cookies contain control codes are later sent back to an HTTPS serve...

3.7CVSS6.6AI score0.01839EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/27 5:27 p.m.37 views

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in cURL libcurl (CVE-2022-35252)

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in cURL libcurl CVE-2022-35252, caused by a flaw when cookies contain control codes are later sent back to an HTTPS server. cURL libcurl is included in the Base OS image used by our Speech...

3.7CVSS6.2AI score0.01839EPSS
Exploits1Affected Software1
OpenVAS
OpenVAS
added 2023/06/07 12:0 a.m.29 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2023-2066)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.7AI score0.04325EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2023/05/20 12:0 a.m.37 views

AlmaLinux 8 : curl (ALSA-2023:2963)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:2963 advisory. - When curl is used to retrieve and parse cookies from a HTTPS server, itaccepts cookies using control codes that when later are sent back to a HTTPserver...

5.9CVSS6.6AI score0.02511EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2023/05/17 12:0 a.m.44 views

CentOS 8 : curl (CESA-2023:2963)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2023:2963 advisory. - When curl is used to retrieve and parse cookies from a HTTPS server, itaccepts cookies using control codes that when later are sent back to a...

5.9CVSS6.6AI score0.02511EPSS
Exploits2References3
RedHat Linux
RedHat Linux
added 2023/05/16 9:2 a.m.60 views

Low: Red Hat Security Advisory: curl security and bug fix update

An update for curl is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

5.9CVSS6.7AI score0.02511EPSS
Exploits2References6
AlmaLinux
AlmaLinux
added 2023/05/16 12:0 a.m.103 views

Low: curl security and bug fix update

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fixes: curl: Incorrect handling of control code characters in cookies CVE-2022-35252 curl: Use-after-free triggered by an HTTP pro...

5.9CVSS7.1AI score0.02511EPSS
Exploits2References6
Oracle linux
Oracle linux
added 2023/05/15 12:0 a.m.59 views

curl security update

7.76.1-23 - fix HTTP multi-header compression denial of service CVE-2023-23916 7.76.1-22 - smb/telnet: fix use-after-free when HTTP proxy denies tunnel CVE-2022-43552 7.76.1-21 - fix POST following PUT confusion CVE-2022-32221 7.76.1-20 - control code in cookie denial of service CVE-2022-35252...

9.8CVSS7.2AI score0.04325EPSS
Exploits4
Tenable Nessus
Tenable Nessus
added 2023/05/15 12:0 a.m.40 views

Oracle Linux 9 : curl (ELSA-2023-2478)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-2478 advisory. - fix HTTP multi-header compression denial of service CVE-2023-23916 - smb/telnet: fix use-after-free when HTTP proxy denies tunnel CVE-2022-43552 - fi...

9.8CVSS7.2AI score0.04325EPSS
Exploits4References3
Tenable Nessus
Tenable Nessus
added 2023/05/13 12:0 a.m.36 views

RHEL 9 : curl (RHSA-2023:2478)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:2478 advisory. The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTT...

5.9CVSS6.7AI score0.02511EPSS
Exploits2References8
RedHat Linux
RedHat Linux
added 2023/05/09 9:51 a.m.59 views

Low: Red Hat Security Advisory: curl security update

An update for curl is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

5.9CVSS6.7AI score0.02511EPSS
Exploits2References4
AlmaLinux
AlmaLinux
added 2023/05/09 12:0 a.m.119 views

Low: curl security update

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fixes: curl: Incorrect handling of control code characters in cookies CVE-2022-35252 curl: Use-after-free triggered by an HTTP pro...

5.9CVSS7AI score0.02511EPSS
Exploits2References6
OSV
OSV
added 2023/05/09 12:0 a.m.38 views

ALSA-2023:2478 Low: curl security update

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fixes: curl: Incorrect handling of control code characters in cookies CVE-2022-35252 curl: Use-after-free triggered by an HTTP pro...

5.9CVSS7.1AI score0.02511EPSS
Exploits2References6
ICS
ICS
added 2023/05/09 12:0 a.m.45 views

Siemens SINEC NMS Third-Party

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...

9.8CVSS8.7AI score0.04325EPSS
Exploits5References12
Tenable Nessus
Tenable Nessus
added 2023/05/02 12:0 a.m.27 views

Siemens SCALANCE XCM332 Improper Validation of Syntactic Correctness of Input (CVE-2022-35252)

When curl is used to retrieve and parse cookies from a HTTPS server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. Effectively allowing asister site to deny service to all siblings. This plugin only works with...

3.7CVSS6.2AI score0.01839EPSS
Exploits1References12
Tenable Nessus
Tenable Nessus
added 2023/03/28 12:0 a.m.33 views

CBL Mariner 2.0 Security Update: curl (CVE-2022-35252)

The version of curl installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-35252 advisory. - When curl is used to retrieve and parse cookies from a HTTPS server, itaccepts cookies using control codes tha...

3.7CVSS6.3AI score0.01839EPSS
Exploits1References2
Debian
Debian
added 2023/01/28 9:19 p.m.225 views

[SECURITY] [DLA 3288-1] curl security update

Debian LTS Advisory DLA-3288-1 [email protected] https://www.debian.org/lts/security/ Roberto C. Sánchez January 28, 2023 https://wiki.debian.org/LTS Package : curl Version : 7.64.0-4+deb10u4 CVE ID : CVE-2022-27774 CVE-2022-32221 CVE-2022-35252 CVE-2022-43552 Debian Bug : Several...

9.8CVSS6.7AI score0.04325EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2023/01/24 12:0 a.m.57 views

macOS 11.x < 11.7.3 Multiple Vulnerabilities (HT213603)

The remote host is running a version of macOS / Mac OS X that is 11.x prior to 11.7.3. It is, therefore, affected by multiple vulnerabilities: - This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, watchOS 9.3, macOS Big Sur...

9.8CVSS7.5AI score0.01839EPSS
Exploits1References12
Rows per page
Query Builder