34 matches found
SUSE CVE-2017-8817
The FTP wildcard function in curl and libcurl before 7.57.0 allows remote attackers to cause a denial of service out-of-bounds read and application crash or possibly have unspecified other impact via a string that ends with an '' character...
Mageia: Security Advisory (MGASA-2018-0054)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
F5 Networks BIG-IP : cURL vulnerability (K61186963)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3 / 17.5.1.1. It is, therefore, affected by a vulnerability as referenced in the K61186963 advisory. curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP...
SUSE SLES12 Security Update : curl (SUSE-SU-2021:1786-1)
This update for curl fixes the following issues: CVE-2021-22898: TELNET stack contents disclosure bsc1186114 CVE-2021-22876: The automatic referer leaks credentials bsc1183933 CVE-2020-8286: Inferior OCSP verification bsc1179593 CVE-2020-8285: FTP wildcard stack overflow bsc1179399 CVE-2020-8284:...
EulerOS Virtualization 2.9.1 : curl (EulerOS-SA-2021-1596)
According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Vulnerability Summary for CVE-2020-8169CVE-2020-8169 - Vulnerability Summary for CVE-2020-8177CVE-2020-8177 - Expired pointer...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2021-1466)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP3 : curl (EulerOS-SA-2021-1063)
According to the version of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing.CVE-2020-8285...
EulerOS 2.0 SP9 : curl (EulerOS-SA-2021-1022)
According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match...
CVE-2020-8285
curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing...
CVE-2020-8285
curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing...
Security update for curl (moderate)
openSUSE Security Update: Security update for curl Announcement ID: openSUSE-SU-2020:2249-1 Rating: moderate References: 1179398 1179399 1179593 Cross-References: CVE-2020-8284 CVE-2020-8285 CVE-2020-8286 Affected Products: openSUSE Leap 15.1 An update that fixes three vulnerabilities is now...
Security update for curl (moderate)
openSUSE Security Update: Security update for curl Announcement ID: openSUSE-SU-2020:2238-1 Rating: moderate References: 1179398 1179399 1179593 Cross-References: CVE-2020-8284 CVE-2020-8285 CVE-2020-8286 Affected Products: openSUSE Leap 15.2 An update that fixes three vulnerabilities is now...
CURL-CVE-2020-8285 FTP wildcard stack overflow
libcurl offers a wildcard matching functionality, which allows a callback set with CURLOPTCHUNKBGNFUNCTION to return information back to libcurl on how to handle a specific entry in a directory when libcurl iterates over a list of all available entries. When this callback returns...
UBUNTU-CVE-2020-8285
curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing...
EulerOS Virtualization 3.0.1.0 : curl (EulerOS-SA-2019-1549)
According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A NULL pointer dereference flaw was found in the way libcurl checks values returned by the openldap ldapgetattributeber function. A...
Security Bulletin: Vulnerabilities in cURL/libcurl affect Intel® Manycore Platform Software Stack (Intel® MPSS) for Linux and Windows
Summary IntelR Manycore Platform Software Stack IntelR MPSS for Linux and Windows have addressed the following vulnerabilities in cURL/libcurl. Vulnerability Details Summary Intel® Manycore Platform Software Stack Intel® MPSS for Linux and Windows have addressed the following vulnerabilities in...
openSUSE Security Update : curl (openSUSE-2018-56)
This update for curl fixes the following issues : Security issues fixed : - CVE-2017-8816: Buffer overrun flaw in the NTLM authentication code bsc1069226. - CVE-2017-8817: Read out of bounds flaw in the FTP wildcard function bsc1069222. This update was imported from the SUSE:SLE-12:Update update...
SUSE-SU-2018:0122-1 Security update for curl
This update for curl fixes the following issues: Security issues fixed: - CVE-2017-8816: Buffer overrun flaw in the NTLM authentication code bsc1069226. - CVE-2017-8817: Read out of bounds flaw in the FTP wildcard function bsc1069222...
MGASA-2018-0054 Updated curl packages fix security vulnerability
libcurl contains a buffer overrun flaw in the NTLM authentication code CVE-2017-8816. libcurl contains a read out of bounds flaw in the FTP wildcard function CVE-2017-8817. libcurl may read outside of a heap allocated buffer when doing FTP CVE-2017-1000254. libcurl contains a buffer overrun flaw ...
Medium: curl
Issue Overview: The NTLM authentication feature in curl and libcurl before 7.57.0 on 32-bit platforms allows attackers to cause a denial of service integer overflow and resultant buffer overflow, and application crash or possibly have unspecified other impact via vectors involving long user and...