21 matches found
CVE-2022-35260 affecting package tensorflow for versions less than 2.16.1-1
CVE-2022-35260 affecting package tensorflow for versions less than 2.16.1-1. An upgraded version of the package is available that resolves this issue...
USN-5702-1: curl vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Canonical Ubuntu 22.04 Description Robby Simpson discovered that curl incorrectly handled certain POST operations after PUT operations. This issue could cause applications using curl to send the wrong data, perform...
Siemens SINEC NMS Third-Party
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...
macOS 13.x < 13.2 Multiple Vulnerabilities (HT213605)
The remote host is running a version of macOS / Mac OS X that is 13.x prior to 13.2. It is, therefore, affected by multiple vulnerabilities: - This issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in tvOS 16.3, macOS Ventura 13.2, watchOS 9.3, iOS 16.3...
About the security content of macOS Ventura 13.2
About the security content of macOS Ventura 13.2 This document describes the security content of macOS Ventura 13.2. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases...
macOS 12.x < 12.6.3 Multiple Vulnerabilities (HT213604)
The remote host is running a version of macOS / Mac OS X that is 12.x prior to 12.6.3. It is, therefore, affected by multiple vulnerabilities: - This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, watchOS 9.3, macOS Big Sur...
Oracle MySQL Server <= 5.7.40, 8.x <= 8.0.31 Security Update (cpujan2023) - Linux
Oracle MySQL Server is prone to a vulnerability in libcurl. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:mysql"; if...
Oracle MySQL Server <= 5.7.40, 8.x <= 8.0.31 Security Update (cpujan2023) - Windows
Oracle MySQL Server is prone to a vulnerability in libcurl. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:mysql"; if...
DEBIAN-CVE-2022-35260
curl can be told to parse a .netrc file for credentials. If that file endsin a line with 4095 consecutive non-white space letters and no newline, curlwould first read past the end of the stack-based buffer, and if the readworks, write a zero byte beyond its boundary.This will in most cases cause ...
CVE-2022-35260
curl can be told to parse a .netrc file for credentials. If that file endsin a line with 4095 consecutive non-white space letters and no newline, curlwould first read past the end of the stack-based buffer, and if the readworks, write a zero byte beyond its boundary.This will in most cases cause ...
CVE-2022-35260
curl can be told to parse a .netrc file for credentials. If that file endsin a line with 4095 consecutive non-white space letters and no newline, curlwould first read past the end of the stack-based buffer, and if the readworks, write a zero byte beyond its boundary.This will in most cases cause ...
CVE-2022-35260
curl can be told to parse a .netrc file for credentials. If that file endsin a line with 4095 consecutive non-white space letters and no newline, curlwould first read past the end of the stack-based buffer, and if the readworks, write a zero byte beyond its boundary.This will in most cases cause ...
CVE-2022-35260
CVE-2022-35260 affects curl. When curl parses a .netrc file for credentials, if the file ends with a line of 4095 consecutive non-whitespace characters and no newline, curl could read past the end of a stack-based buffer and, if the read succeeds, write a zero byte beyond its boundary, causing a ...
CVE-2022-35260
curl can be told to parse a .netrc file for credentials. If that file endsin a line with 4095 consecutive non-white space letters and no newline, curlwould first read past the end of the stack-based buffer, and if the readworks, write a zero byte beyond its boundary.This will in most cases cause ...
CVE-2022-35260
curl can be told to parse a .netrc file for credentials. If that file endsin a line with 4095 consecutive non-white space letters and no newline, curlwould first read past the end of the stack-based buffer, and if the readworks, write a zero byte beyond its boundary.This will in most cases cause ...
Fedora: Security Advisory for curl (FEDORA-2022-39688a779d)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for curl (FEDORA-2022-01ffde372c)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Internet Bug Bounty: CVE-2022-35260: .netrc parser out-of-bounds access
Original Report:https://hackerone.com/reports/1721098 Impact If a malicious user can provide a custom netrc file to an application or otherwise affect its contents, this flaw could be used as denial-of-service...
Slackware: Security Advisory (SSA:2022-299-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-5702-1: curl vulnerabilities
Robby Simpson discovered that curl incorrectly handled certain POST operations after PUT operations. This issue could cause applications using curl to send the wrong data, perform incorrect memory operations, or crash. CVE-2022-32221 Hiroki Kurosawa discovered that curl incorrectly handled parsin...