39 matches found
TencentOS Server 4: curl (TSSA-2024:0286)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0286 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
Azure Linux 3.0 Security Update: cmake / curl / mysql (CVE-2024-2004)
The version of cmake / curl / mysql installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-2004 advisory. - When a protocol selection parameter option disables all protocols without adding any then the...
CVE-2024-2004 affecting package mysql for versions less than 8.0.40-1
CVE-2024-2004 affecting package mysql for versions less than 8.0.40-1. An upgraded version of the package is available that resolves this issue...
CVE-2024-2004 affecting package mysql for versions less than 8.0.40-1
CVE-2024-2004 affecting package mysql for versions less than 8.0.40-1. An upgraded version of the package is available that resolves this issue...
CVE-2024-2004 affecting package cmake for versions less than 3.30.3-2
CVE-2024-2004 affecting package cmake for versions less than 3.30.3-2. An upgraded version of the package is available that resolves this issue...
GLSA-202409-20 : curl: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202409-20 curl: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in curl. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description block directly from th...
Tenable Security Center Multiple Vulnerabilities (TNS-2024-13)
According to its self-reported version, the Tenable Security Center running on the remote host is 6.2.1, 6.3.0 or 6.4.0. It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2024-13 advisory. - Security Center leverages third-party software to help provide underlying...
CBL Mariner 2.0 Security Update: cmake / curl / mysql (CVE-2024-2004)
The version of cmake / curl / mysql installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-2004 advisory. - When a protocol selection parameter option disables all protocols without adding any then the...
CVE-2024-2004 affecting package curl for versions less than 8.8.0-1
CVE-2024-2004 affecting package curl for versions less than 8.8.0-1. An upgraded version of the package is available that resolves this issue...
CVE-2024-2004 affecting package curl for versions less than 8.8.0-1
CVE-2024-2004 affecting package curl for versions less than 8.8.0-1. An upgraded version of the package is available that resolves this issue...
Moderate: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 SP4 security update
Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 4 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
SUSE: Security Advisory (SUSE-SU-2024:1150-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2024:1151-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2024:1151-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES15 Security Update : curl (SUSE-SU-2024:1151-2)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1151-2 advisory. - CVE-2024-2004: Fix the uUsage of disabled protocol logic. bsc1221665 - CVE-2024-2398: Fix HTTP/2 push headers memory-leak...
Medium: curl
Issue Overview: When a protocol selection parameter option disables all protocols without adding any then the default set of protocols would remain in the allowed set due to an error in the logic for removing protocols. The below command would perform a request to curl.se with a plaintext protoco...
USN-6718-1: curl vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 22.04 Description Dan Fandrich discovered that curl would incorrectly use the default set of protocols when a parameter option disabled all protocols without adding any, contrary to expectations. This issue only affected...
Amazon Linux 2 : curl (ALAS-2024-2526)
The version of curl installed on the remote host is prior to 8.3.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2526 advisory. When a protocol selection parameter option disables all protocols without adding any then the default set of protocols would...
Ubuntu: Security Advisory (USN-6718-3)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Medium: curl
Issue Overview: When a protocol selection parameter option disables all protocols without adding any then the default set of protocols would remain in the allowed set due to an error in the logic for removing protocols. The below command would perform a request to curl.se with a plaintext protoco...