35 matches found
CLSA-2026-1776599416 curl: Fix of CVE-2024-7264
CVE-2024-7264: fix ASN.1 GTime2str heap buffer over-read caused by off-by-one in fractional seconds length calculation...
JLSEC-2025-38 libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Tim...
libcurl's ASN1 parser code has the GTime2str function, used for parsing an ASN.1 Generalized Time field. If given an syntactically incorrect field, the parser might end up using -1 for the length of the time fraction, leading to a strlen getting performed on a pointer to a heap buffer area that i...
CLSA-2025-1751135005 curl: Fix of CVE-2024-7264
CVE-2024-7264: fix out-of-bound read in GTime2str function...
CLSA-2025-1750785256 curl: Fix of CVE-2024-7264
CVE-2024-7264: fix out-of-bound read in GTime2str function...
CLSA-2025-1750784906 curl: Fix of CVE-2024-7264
CVE-2024-7264: fix out-of-bound read in GTime2str function...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-2825)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP12 : curl (EulerOS-SA-2024-2795)
According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : libcurl's ASN1 parser code has the GTime2str function, used for parsing an ASN.1 Generalized Time field. If given an syntactically incorrect field,...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-2715)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CBL Mariner 2.0 Security Update: mysql (CVE-2024-7264)
The version of mysql installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-7264 advisory. - libcurl's ASN1 parser code has the GTime2str function, used for parsing an ASN.1 Generalized Time field. If...
EulerOS 2.0 SP11 : curl (EulerOS-SA-2024-2575)
According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : libcurl's ASN1 parser code has the GTime2str function, used for parsing an ASN.1 Generalized Time field. If given an syntactically incorrect field,...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-2549)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP11 : curl (EulerOS-SA-2024-2549)
According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : libcurl's ASN1 parser code has the GTime2str function, used for parsing an ASN.1 Generalized Time field. If given an syntactically incorrect field,...
CLSA-2024-1726773445 Fix CVE(s): CVE-2024-7264
SECURITY UPDATE: Heap Buffer Overflow in ASN.1 Parser - debian/patches/CVE-2024-7264.patch: Clean up GTime2str function to handle optional fractional seconds properly. Fix GTime2str issues and add unit tests to verify correct behaviour - CVE-2024-7264...
CLSA-2024-1726313254 Fix CVE(s): CVE-2024-7264
SECURITY UPDATE: Heap Buffer Overflow in ASN.1 Parser - debian/patches/CVE-2024-7264.patch: Clean up GTime2str function to handle optional fractional seconds properly. Fix GTime2str issues and add unit tests to verify correct behaviour - CVE-2024-7264...
SUSE-SU-2024:3080-2 Security update for curl
This update for curl fixes the following issues: - CVE-2024-7264: Fixed out-of-bounds read in ASN.1 date parser GTime2str bsc1228535...
openSUSE Security Advisory (SUSE-SU-2024:3080-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : curl (SUSE-SU-2024:3080-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:3080-1 advisory. - CVE-2024-7264: Fixed out-of-bounds read in ASN.1 date parser GTime2str bsc1228535 Tenable has extracted...
SUSE-SU-2024:3080-1 Security update for curl
This update for curl fixes the following issues: - CVE-2024-7264: Fixed out-of-bounds read in ASN.1 date parser GTime2str bsc1228535...
ROS-20240816-02
Vulnerability in the ASN1 Parser function GTime2str of the libcurl library is related to reading outside of memory boundaries memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause an octasis in the maintenance...
ROS-20240816-22
Vulnerability in the ASN1 Parser function GTime2str of the libcurl library is related to reading outside of memory boundaries memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause an octasis in the maintenance...