22 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-23915
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A cleartext transmission of sensitive information vulnerability exists in curl v7.88.0 that could cause HSTS functionality to behave incorrectly when multiple...
CVE-2023-23915 affecting package cmake 3.21.4-3
CVE-2023-23915 affecting package cmake 3.21.4-3. No patch is available currently...
CVE-2023-23915 affecting package rust 1.59.0-1
CVE-2023-23915 affecting package rust 1.59.0-1. No patch is available currently...
CVE-2023-23915 affecting package mysql 8.0.32-1
CVE-2023-23915 affecting package mysql 8.0.32-1. No patch is available currently...
Security Bulletin: IBM® Engineering Requirements Management DOORS/DWA vulnerabilities addressed in 9.7.2.8
Summary Third party reported 'Stored XSS' and 'CSRF' issues, Apache Tomcat, Apache ActiveMQ, CKEditor, libcURL, xmlbeans, scala-library, json-smart, jna-platform, jackson-databind, commons-io, shiro-core, commons-net, snappy-java, xercesImpl are identified as vulnerable components with multiple...
Photon OS 5.0: Cmake PHSA-2023-5.0-0035
An update of the cmake package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-5.0-0035. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
CBL Mariner 2.0 Security Update: mysql / rust / cmake / curl / tensorflow (CVE-2023-23915)
The version of mysql / rust / cmake / curl / tensorflow installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-23915 advisory. - A cleartext transmission of sensitive information vulnerability exists in...
CVE-2023-23915 affecting package tensorflow for versions less than 2.16.1-1
CVE-2023-23915 affecting package tensorflow for versions less than 2.16.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2023-23915 affecting package cmake for versions less than 3.28.2-1
CVE-2023-23915 affecting package cmake for versions less than 3.28.2-1. An upgraded version of the package is available that resolves this issue...
CVE-2023-23915 affecting package rust for versions less than 1.72.0-2
CVE-2023-23915 affecting package rust for versions less than 1.72.0-2. An upgraded version of the package is available that resolves this issue...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2023-2286)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2023-2066)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2023-23915 affecting package mysql for versions less than 8.0.33-1
CVE-2023-23915 affecting package mysql for versions less than 8.0.33-1. An upgraded version of the package is available that resolves this issue...
USN-5891-1: curl vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Canonical Ubuntu 22.04 Description Harry Sintonen discovered that curl incorrectly handled HSTS support when multiple URLs are requested serially. A remote attacker could possibly use this issue to cause curl to use...
CVE-2023-23915 affecting package curl 7.86.0-3
CVE-2023-23915 affecting package curl 7.86.0-3. An upgraded version of the package is available that resolves this issue...
CVE-2023-23915 affecting package curl for versions less than 7.88.1-1
CVE-2023-23915 affecting package curl for versions less than 7.88.1-1. An upgraded version of the package is available that resolves this issue...
Ubuntu: Security Advisory (USN-5891-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : curl vulnerabilities (USN-5891-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5891-1 advisory. Harry Sintonen discovered that curl incorrectly handled HSTS support when multiple URLs are requested serially. A remote attacker...
CVE-2023-23915
CVE-2023-23915 affects multiple packages (e.g., rust 1.59.0-1, mysql 8.0.32-1, cmake 3.21.4-3, tensorflow <2.16.1-1, rust <1.72.0-2, cmake <3.28.2-1, mysql =2.16.1-1, cmake >=3.28.2-1, mysql >=8.0.33-1) to resolve the issue. The initial curl CVE description documents a separate HST...
Fedora 37 : curl (2023-ddf6575695)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-ddf6575695 advisory. - fix HTTP multi-header compression denial of service CVE-2023-23916 - share HSTS between handles CVE-2023-23915 CVE-2023-23914 Tenable has extracte...