64 matches found
TencentOS Server 3: curl (TSSA-2023:0027)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0027 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
Azure Linux 3.0 Security Update: cmake / curl / mysql / rust / tensorflow (CVE-2023-23916)
The version of cmake / curl / mysql / rust / tensorflow installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-23916 advisory. - An allocation of resources without limits or throttling vulnerability exis...
CVE-2023-23916 affecting package rust 1.59.0-1
CVE-2023-23916 affecting package rust 1.59.0-1. No patch is available currently...
CVE-2023-23916 affecting package mysql 8.0.32-1
CVE-2023-23916 affecting package mysql 8.0.32-1. No patch is available currently...
CVE-2023-23916 affecting package cmake 3.21.4-3
CVE-2023-23916 affecting package cmake 3.21.4-3. No patch is available currently...
CVE-2023-23916 affecting package cmake for versions less than 3.21.4-13
CVE-2023-23916 affecting package cmake for versions less than 3.21.4-13. A patched version of the package is available...
Security Bulletin: IBM® Engineering Requirements Management DOORS/DWA vulnerabilities addressed in 9.7.2.8
Summary Third party reported 'Stored XSS' and 'CSRF' issues, Apache Tomcat, Apache ActiveMQ, CKEditor, libcURL, xmlbeans, scala-library, json-smart, jna-platform, jackson-databind, commons-io, shiro-core, commons-net, snappy-java, xercesImpl are identified as vulnerable components with multiple...
Photon OS 5.0: Cmake PHSA-2023-5.0-0035
An update of the cmake package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-5.0-0035. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
CBL Mariner 2.0 Security Update: cmake / curl / mysql / rust / tensorflow (CVE-2023-23916)
The version of cmake / curl / mysql / rust / tensorflow installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-23916 advisory. - An allocation of resources without limits or throttling vulnerability exis...
CVE-2023-23916 affecting package tensorflow for versions less than 2.16.1-1
CVE-2023-23916 affecting package tensorflow for versions less than 2.16.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2023-23916 affecting package cmake for versions less than 3.28.2-1
CVE-2023-23916 affecting package cmake for versions less than 3.28.2-1. An upgraded version of the package is available that resolves this issue...
CentOS 9 : curl-7.76.1-23.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the curl-7.76.1-23.el9 build changelog. - An allocation of resources without limits or throttling vulnerability exists in curl v7.88.0 based on the chained HTTP compression algorithms,...
CentOS 8 : curl (CESA-2023:1140)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2023:1140 advisory. - An allocation of resources without limits or throttling vulnerability exists in curl v7.88.0 based on the chained HTTP compression algorithms, meaning that a...
Security Bulletin: IBM Storage Ceph is vulnerable to an Allocation of Resources Without Limits or Throttling in Curl (CVE-2023-23916)
Summary Curl is used by IBM Storage Ceph as part of the RHEL UBI and in assorted other locations. CVE-2023-23916 Vulnerability Details CVEID: CVE-2023-23916 DESCRIPTION: cURL libcurl is vulnerable to a denial of service, caused by a flaw in the decompression chain implementation. By sending a...
CVE-2023-23916 affecting package rust for versions less than 1.72.0-2
CVE-2023-23916 affecting package rust for versions less than 1.72.0-2. An upgraded version of the package is available that resolves this issue...
Moderate: Red Hat Security Advisory: curl security update
An update for curl is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...
Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to cURL libcurl denial of service vulnerability( CVE-2023-23916)
Summary Potential cURL libcurl denial of service vulnerability CVE-2023-23916 has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. Refer to details for additional information. Vulnerability Details CVEID:CVE-2023-23916 DESCRIPTION: cURL libcurl is vulnerable to a...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2023-2286)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in cURL libcur ( CVE-2023-23916)
Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in cURL libcur, caused by a flaw in the decompression chain implementation CVE-2023-23916. cURL libcur is included as part of the base OS used by our speech services. This vulnerabilitiy h...
Security Bulletin: IBM MQ is affected by vulnerabilities in libcURL (CVE-2023-23916, CVE-2023-27535)
Summary Multiple issues were identified within the libcurl library that affect IBM MQ. IBM MQ uses libcurl to provide HTTPURL functionality which is only used to download remote CCDT files and is not used to send or receive messages. Vulnerability Details CVEID:CVE-2023-23916 DESCRIPTION: cURL...