30 matches found
Linux Distros Unpatched Vulnerability : CVE-2022-42916
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In curl before 7.86.0, the HSTS check could be bypassed to trick it into staying with HTTP. Using its HSTS support, curl can be instructed to use HTTPS directly...
CVE-2022-42916 affecting package tensorflow for versions less than 2.16.1-1
CVE-2022-42916 affecting package tensorflow for versions less than 2.16.1-1. An upgraded version of the package is available that resolves this issue...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2023-2066)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-5702-1: curl vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Canonical Ubuntu 22.04 Description Robby Simpson discovered that curl incorrectly handled certain POST operations after PUT operations. This issue could cause applications using curl to send the wrong data, perform...
Oracle VirtualBox Security Update (Apr 2023) - Windows
Oracle VirtualBox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:vmvirtualbox";...
KLA48969 Multiple vulnerabilities in Oracle VirtualBox
Multiple vulnerabilities were found in Oracle VirtualBox. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, cause denial of service, bypass security restrictions. Below is a complete list of vulnerabilities: 1. Code execution vulnerability ...
CBL Mariner 2.0 Security Update: curl (CVE-2022-42916)
The version of curl installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-42916 advisory. - In curl before 7.86.0, the HSTS check could be bypassed to trick it into staying with HTTP. Using its HSTS...
SUSE CVE-2022-42916
In curl before 7.86.0, the HSTS check could be bypassed to trick it into staying with HTTP. Using its HSTS support, curl can be instructed to use HTTPS directly instead of using an insecure cleartext HTTP step even when HTTP is provided in the URL. This mechanism could be bypassed if the host nam...
macOS 13.x < 13.2 Multiple Vulnerabilities (HT213605)
The remote host is running a version of macOS / Mac OS X that is 13.x prior to 13.2. It is, therefore, affected by multiple vulnerabilities: - This issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in tvOS 16.3, macOS Ventura 13.2, watchOS 9.3, iOS 16.3...
macOS 12.x < 12.6.3 Multiple Vulnerabilities (HT213604)
The remote host is running a version of macOS / Mac OS X that is 12.x prior to 12.6.3. It is, therefore, affected by multiple vulnerabilities: - This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, watchOS 9.3, macOS Big Sur...
About the security content of macOS Ventura 13.2
About the security content of macOS Ventura 13.2 This document describes the security content of macOS Ventura 13.2. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases...
Oracle MySQL Server <= 5.7.40, 8.x <= 8.0.31 Security Update (cpujan2023) - Linux
Oracle MySQL Server is prone to a vulnerability in libcurl. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:mysql"; if...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2023-1005)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Important: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.51 SP1 security update
An update is now available for Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...
Moderate: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.51 SP1 security update
An update is now available for Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 1 on Red Hat Enterprise Linux versions 7 and 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which...
RHEL 7 / 8 : Red Hat JBoss Core Services Apache HTTP Server 2.4.51 SP1 (RHSA-2022:8840)
The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:8840 advisory. Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP...
CVE-2022-42916 affecting package curl 7.84.0-1
CVE-2022-42916 affecting package curl 7.84.0-1. An upgraded version of the package is available that resolves this issue...
Security Bulletin: The Community Edition of IBM ILOG CPLEX Optimization Studio is affected by multiple vulnerabilities in libcurl (CVE-2022-42915, CVE-2022-42916, CVE-2022-32221)
Summary The Community Edition of IBM ILOG CPLEX Optimization Studio on Windows platform only has addressed the following vulnerabilities. Vulnerability Details CVEID:CVE-2022-42915 DESCRIPTION: cURL libcurl is vulnerable to a denial of service, caused by a double-free flaw in the error/cleanup...
CVE-2022-42916 affecting package curl for versions less than 7.86.0-1
CVE-2022-42916 affecting package curl for versions less than 7.86.0-1. An upgraded version of the package is available that resolves this issue...
Fedora: Security Advisory for curl (FEDORA-2022-39688a779d)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...