28 matches found
Siemens SIMATIC S7-1500 Double Free (CVE-2019-5481)
Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...
EUVD-2019-15059
Malware in sbrugna...
USN-5495-2: curl regression
USN-5495-1 fixed vulnerabilities in curl. The fix for CVE-2022-32205 miscalculated the maximum cookie size, causing a regression. This update fixes the problem. Original advisory details: Harry Sintonen discovered that curl incorrectly handled certain cookies. An attacker could possibly use this...
Oracle Linux 8 : curl (ELSA-2020-1792)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-1792 advisory. - double free due to subsequent call of realloc() (CVE-2019-5481) - fix heap buffer overflow in function tftp_receive_packet() (CVE-2019-5482) Tenable has...
SUSE CVE-2019-5481
Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3...
curl: FTP-KRB bad message verification
A vulnerability was found in curl. This issue occurs because it mishandles message verification failures when curl does FTP transfers secured by krb5. This flaw makes it possible for a Man-in-the-middle attack to go unnoticed and allows data injection into the client...
CLSA-2022-1661173301 Fix CVE(s): CVE-2022-32208
SECURITY UPDATE: When curl less than 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. - debian/patches/CVE-2022-32208.patch: krb5: return error properly on decode errors - CVE-2022-32208...
USN-5495-1 curl vulnerabilities
Harry Sintonen discovered that curl incorrectly handled certain cookies. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 21.10, and Ubuntu 22.04 LTS. (CVE-2022-32205) Harry Sintonen discovered that curl incorrectly handled certain HTTP...
Mageia: Security Advisory (MGASA-2019-0337)
The remote host is missing an update for the...
curl: double free due to subsequent call of realloc()
Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2020-1070)
The remote host is missing an update for the Huawei EulerOS...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2019-2101)
The remote host is missing an update for the Huawei EulerOS...
Updated curl packages fix security vulnerabilities
The updated packages fix security vulnerabilities: An integer overflow in curl's URL API results in a buffer overflow in libcurl 7.62.0 to and including 7.64.1. (CVE-2019-5435) A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4...
EulerOS 2.0 SP8 : curl (EulerOS-SA-2019-2101)
According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3. (CVE-2019-5481) - Heap buffer overflow in the TFTP protocol handler in...
Amazon Linux 2 : curl (ALAS-2019-1340)
Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3. (CVE-2019-5481) Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3. (CVE-2019-5482) (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Amazon Lin...
Amazon Linux AMI : curl (ALAS-2019-1294)
Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3. (CVE-2019-5482) Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3. (CVE-2019-5481) (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Amazon...
Medium: curl
Issue Overview: Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3. (CVE-2019-5482) Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3. (CVE-2019-5481) Affected Packages: curl. Issue Correction: Run yum update curl or yum update --advisory ALAS-2019-129...
CVE-2019-5481
Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3...
ALPINE-CVE-2019-5481
Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3...
DEBIAN-CVE-2019-5481
Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3...