79 matches found
MiracleLinux 8 : curl-7.61.1-34.el8_10.2 (AXSA:2024-8797:06)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8797:06 advisory. curl: HTTP/2 push headers memory-leak CVE-2024-2398 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...
TencentOS Server 4: curl (TSSA-2024:0286)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0286 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
TencentOS Server 3: curl (TSSA-2024:0408)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0408 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
RLSA-2024:5654 Moderate: curl security update
The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fixes: curl: HTTP/2 push headers memory-leak CVE-2024-2398 For more details about the security issues, including the impact, a CVS...
RockyLinux 8 : curl (RLSA-2024:5654)
The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:5654 advisory. curl: HTTP/2 push headers memory-leak CVE-2024-2398 Tenable has extracted the preceding description block directly from the RockyLinux security advisory. Note tha...
Azure Linux 3.0 Security Update: cmake / curl / mysql (CVE-2024-2398)
The version of cmake / curl / mysql installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-2398 advisory. - When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of...
Security Bulletin: Vulnerability in cURL libcurl affects IBM watsonx Assistant for IBM Cloud Pak for Data
Summary A potential vulnerability in cURL libcurl has been identified that affects IBM watsonx Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2024-2398 DESCRIPTION: cURL libcurl is vulnerabl...
CVE-2024-2398 affecting package cmake for versions less than 3.21.4-14
CVE-2024-2398 affecting package cmake for versions less than 3.21.4-14. A patched version of the package is available...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-2628)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: IBM App Connect Enterprise Certified Container UBI updates
Summary IBM App Connect Enterprise Certified Container ACEcc is built on the Red Hat Universal Base Images. ACEcc operator versions 5.0.21 LTS, 12.0.4 LTS and 12.4.0 contain fixes to the listed CVEs found in the base images. This bulletin provides patch information to address the reported...
CVE-2024-2398 affecting package cmake for versions less than 3.30.3-2
CVE-2024-2398 affecting package cmake for versions less than 3.30.3-2. An upgraded version of the package is available that resolves this issue...
Security Bulletin: Multiple security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 9.1.1
Summary In addition to updates of open source dependencies, the following security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 9.1.1 Vulnerability Details CVEID:CVE-2024-25062 DESCRIPTION: GNOME libxml2 is vulnerable to a denial of service, caused by a...
EulerOS 2.0 SP8 : curl (EulerOS-SA-2024-2460)
According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowe...
GLSA-202409-20 : curl: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202409-20 curl: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in curl. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description block directly from th...
Huawei EulerOS: Security Advisory for git (EulerOS-SA-2024-2342)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 2.12.0 : curl (EulerOS-SA-2024-2322)
According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the...
EulerOS Virtualization 2.12.1 : curl (EulerOS-SA-2024-2302)
According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-2302)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-2322)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS 9 : curl-7.76.1-31.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the curl-7.76.1-31.el9 build changelog. - When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allow...