101 matches found
MiracleLinux 9 : curl-7.76.1-23.el9.4 (AXSA:2023-6515:13)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6515:13 advisory. curl: a heap-based buffer overflow in the SOCKS5 proxy handshake CVE-2023-38545 curl: cookie injection with none file CVE-2023-38546 Tenable has...
NewStart CGSL MAIN 7.02 : curl Multiple Vulnerabilities (NS-SA-2025-0111)
The remote NewStart CGSL host, running version MAIN 7.02, has curl packages installed that are affected by multiple vulnerabilities: - CVE-2023-38546 is a cookie injection vulnerability in the curleasyduphandle, a function in libcurl that duplicates easy handles. When duplicating an easy handle, ...
TencentOS Server 4: curl (TSSA-2024:0354)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0354 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
TencentOS Server 4: curl (TSSA-2023:0330)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0330 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
Alibaba Cloud Linux 3 : 0009: curl (ALINUX3-SA-2024:0009)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0009 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-38546: This flaw allows an attacker to...
Security Bulletin: IBM Storage Ceph is vulnerable to External Control of File Name or Path in the RHEL UBI (CVE-2023-38546)
Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. CVE-2023-38546. Vulnerability Details CVEID:CVE-2023-38546 DESCRIPTION: cURL libcurl could allow a remote attacker to bypass security...
Security Bulletin: Vulnerabilities in libcurl, cURL and Linux Kernel might affect IBM Storage Copy Data Management
Summary IBM Storage Copy Data Management can be affected by vulnerabilities in libcurl, cURL and Linux Kernel. Vulnerabilities include an attacker could exploit these vulnerabilities to overflow a buffer and execute arbitrary code on the system, to insert cookies at will into a running program, t...
EulerOS Virtualization 3.0.6.0 : curl (EulerOS-SA-2024-1677)
According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - This flaw allows an attacker to insert cookies at will into a running program using libcurl, if the specific series of conditions a...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-1647)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Low: Red Hat Security Advisory: Red Hat Satellite Client bug fix and security update
Updated Satellite Client packages that fixes Low security bugs and regular bugs are now available for Red Hat Satellite. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to...
RHEL 6 / 7 / 8 / 9 : Red Hat Satellite Client (RHSA-2024:2101)
The remote Redhat Enterprise Linux 6 / 7 / 8 / 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:2101 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity...
Security Bulletin: IBM App Connect Enterprise Certified Container UBI updates
Summary IBM App Connect Enterprise Certified Container ACEcc is built on the Red Hat Universal Base Images. ACEcc operator versions 5.0.17 LTS and 11.5.0 contain fixes to the listed CVEs found in the base images. This bulletin provides patch information to address the reported vulnerabilities...
CVE-2023-38546 affecting package tensorflow for versions less than 2.16.1-1
CVE-2023-38546 affecting package tensorflow for versions less than 2.16.1-1. An upgraded version of the package is available that resolves this issue...
RLSA-2024:1601 Moderate: curl security and bug fix update
The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fixes: curl: information disclosure by exploiting a mixed case flaw CVE-2023-46218 curl: more POST-after-PUT confusion...
curl security and bug fix update
7.61.1-33.5 - cap SFTP packet size sent RHEL-5485 - when keyboard-interactive auth fails, try password 2229800 - unify the upload/method handling CVE-2023-28322 - fix cookie injection with none file CVE-2023-38546 - lowercase the domain names before PSL checks CVE-2023-46218...
AlmaLinux 8 : curl (ALSA-2024:1601)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:1601 advisory. - An information disclosure vulnerability exists in curl v8.1.0 when doing HTTPS transfers, libcurl might erroneously use the read callback...
RHEL 8 : curl (RHSA-2024:1601)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1601 advisory. The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTT...
Moderate: curl security and bug fix update
The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fixes: curl: information disclosure by exploiting a mixed case flaw CVE-2023-46218 curl: more POST-after-PUT confusion...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-1411)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-1439)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...