Siemens SIMATIC S7-1500 Improper Input Validation (CVE-2023-27538)

libcurl would reuse a previously created connection even when an SSH related option had been changed that should have prohibited reuse. libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. However, two SSH settings were...

Linux Distros Unpatched Vulnerability : CVE-2023-27538

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH...

Azure Linux 3.0 Security Update: cmake / curl / mysql / rust / tensorflow (CVE-2023-27538)

The version of cmake / curl / mysql / rust / tensorflow installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-27538 advisory. - An authentication bypass vulnerability exists in libcurl prior to v8.0.0...

CVE-2023-27538 affecting package cmake for versions less than 3.21.4-13

CVE-2023-27538 affecting package cmake for versions less than 3.21.4-13. A patched version of the package is available...

Photon OS 5.0: Cmake PHSA-2023-5.0-0035

An update of the cmake package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-5.0-0035. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

CVE-2023-27538 affecting package tensorflow for versions less than 2.16.1-1

CVE-2023-27538 affecting package tensorflow for versions less than 2.16.1-1. An upgraded version of the package is available that resolves this issue...

CVE-2023-27538 affecting package cmake for versions less than 3.28.2-1

CVE-2023-27538 affecting package cmake for versions less than 3.28.2-1. An upgraded version of the package is available that resolves this issue...

Security Bulletin: IBM Storage Ceph is vulnerable to Improper Authentication in the RHEL UBI (CVE-2023-27538)

Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. CVE-2023-27538 This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID: CVE-2023-27538 DESCRIPTION: cURL libcurl could allow a local attacker to bypass security restrictions,...

CVE-2023-27538 affecting package mysql for versions less than 8.0.34-1

CVE-2023-27538 affecting package mysql for versions less than 8.0.34-1. An upgraded version of the package is available that resolves this issue...

CVE-2023-27538 affecting package rust for versions less than 1.72.0-2

CVE-2023-27538 affecting package rust for versions less than 1.72.0-2. An upgraded version of the package is available that resolves this issue...

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2023-2500)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2023-2510)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2023-2484)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 2.10.1 : curl (EulerOS-SA-2023-2459)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A vulnerability in input validation exists in curl 8.0 during communication using the TELNET protocol may allow an attacker to pass...

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2023-2308)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2023-2328)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP9 : curl (EulerOS-SA-2023-2328)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A path traversal vulnerability exists in curl 8.0.0 SFTP implementation causes the tilde character to be wrongly replaced when used as a prefix in...

Security Bulletin: Multiple vulnerabilities in cURL libcurl affect AIX

Summary Multiple vulnerabilities in cURL libcurl affect AIX. AIX uses cURL libcurl as part of LV/PV encryption integration with HPCS. Vulnerability Details CVEID:CVE-2022-43552 DESCRIPTION: cURL libcurl is vulnerable to a denial of service, caused by a use-after-free flaw when using an HTTP proxy...

Medium: curl

Issue Overview: The curl advisory describes this issue as follows: curl supports communicating using the TELNET protocol and as a part of this it offers users to pass on user name and "telnet options" for the server negotiation. Due to lack of proper input scrubbing and without it being the...

SUSE: Security Advisory (SUSE-SU-2023:2226-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...